tencent cloud

PrevNext

文档反馈

请输入关键字

Recent Pages

文档
文档

Data Types

最后更新时间:2020-09-11 10:41:09

Account

Account list information.

Used by actions: DescribeAccounts.

Name Type Description
Id Integer Unique ID.
Uuid String CWP agent Uuid
MachineIp String Private IP of server.
MachineName String Server name.
Username String Account name.
Groups String Account group.
Privilege String Account type.
  • ORDINARY: ordinary account
  • SUPPER: super admin account
    		•
    AccountCreateTime Timestamp Account creation time.
    LastLoginTime Timestamp Account last login time.

    AccountStatistics

    Account statistics.

    Used by actions: DescribeAccountStatistics.

    Name Type Description
    Username String Username.
    MachineNum Integer Number of servers.

    AgentVul

    Server vulnerability information

    Used by actions: DescribeAgentVuls.

    Name Type Description
    Id Integer Vulnerability ID.
    MachineIp String Server IP.
    VulName String Vulnerability name.
    VulLevel String Vulnerability severity level.
  • HIGH: high
  • MIDDLE: medium
  • LOW: low
  • NOTICE: notice
    		•
    LastScanTime Timestamp Last scanned time.
    Description String Vulnerability description.
    VulId Integer Vulnerability category ID.
    VulStatus String Vulnerability status.
  • UN_OPERATED: to be processed
  • FIXED: fixed
    		•

    BruteAttack

    Brute force attack list

    Used by actions: DescribeBruteAttacks.

    Name Type Description
    Id Integer Event ID.
    MachineIp String Server IP.
    Status String Brute force attack event status
  • BRUTEATTACK_FAIL_ACCOUNT: brute force attack event - failure (the account exists)
  • BRUTEATTACK_FAIL_NOACCOUNT: brute force attack event - failure (the account does not exist)
  • BRUTEATTACK_SUCCESS: brute force attack event - success
    • UserName String Username.
    City Integer City ID.
    Country Integer Country/Region ID.
    Province Integer Province/State ID.
    SrcIp String Source IP.
    Count Integer Number of attempts.
    CreateTime Timestamp Occurrence time.
    MachineName String Server name.
    Uuid String CWP agent UUID.
    IsProVersion Boolean Whether the server enables CWP Pro.
    BanStatus String Whether the server is banned.
    Quuid String Server UUID

    Component

    Component list data.

    Used by actions: DescribeComponents.

    Name Type Description
    Id Integer Unique ID.
    Uuid String CWP agent Uuid.
    MachineIp String Private IP of server.
    MachineName String Server name.
    ComponentVersion String Component version number.
    ComponentType String Component type.
  • SYSTEM: system component
  • WEB: web component
    		•
    ComponentName String Component name.
    ModifyTime Timestamp Component detection update time.

    ComponentStatistics

    Component statistics.

    Used by actions: DescribeComponentStatistics.

    Name Type Description
    Id Integer Component ID.
    MachineNum Integer Number of servers.
    ComponentName String Component name.
    ComponentType String Component type.
  • WEB: web component
  • SYSTEM: system component
    		•
    Description String Component description.

    Filter

    Key-value pair filters for conditional filtering queries, such as filtering ID, name, and status.

    If more than one filter exists, the logical relationship between these filters is AND.
    If multiple values exist in one filter, the logical relationship between these values is OR.

    • There can be up to 5 filters
    • There can be up to 5 Values in the same Filter.

    Used by actions: DescribeAccountStatistics, DescribeAccounts, DescribeAgentVuls, DescribeBruteAttacks, DescribeComponentStatistics, DescribeComponents, DescribeHistoryAccounts, DescribeImpactedHosts, DescribeLoginWhiteList, DescribeMachines, DescribeMaliciousRequests, DescribeMalwares, DescribeNonlocalLoginPlaces, DescribeOpenPortStatistics, DescribeOpenPorts, DescribeProcessStatistics, DescribeProcesses, DescribeVuls.

    Name Type Required Description
    Name String Yes Filter key name.
    Values Array of String Yes One or more filter values.

    HistoryAccount

    Account change history data.

    Used by actions: DescribeHistoryAccounts.

    Name Type Description
    Id Integer Unique ID.
    Uuid String CWP agent Uuid.
    MachineIp String Private IP of server.
    MachineName String Server name.
    Username String Account name.
    ModifyType String Account change type.
  • CREATE: creates account
  • MODIFY: modifies account
  • DELETE: deletes account
    		•
    ModifyTime Timestamp Change time.

    ImpactedHost

    Affected server information

    Used by actions: DescribeImpactedHosts.

    Name Type Description
    Id Integer Vulnerability ID.
    MachineIp String Server IP.
    MachineName String Server name.
    LastScanTime Timestamp Last detection time.
    VulStatus String Vulnerability status.
  • UN_OPERATED: to be processed
  • SCANING: scanning
  • FIXED: fixed
    		•
    Uuid String CWP agent UUID.
    Description String Vulnerability description.
    VulId Integer Vulnerability category ID.
    IsProVersion Boolean Whether it is the CWP Pro.

    LoginWhiteLists

    Login allowlist

    Used by actions: DescribeLoginWhiteList.

    Name Type Description
    Id Integer Record ID
    Uuid String CWP agent ID
    Places Array of Place Whitelisted location
    UserName String Whitelisted users (separated by commas)
    SrcIp String Whitelisted IPs (separated by commas)
    IsGlobal Boolean Whether this rule is applied to all servers under the current account
    CreateTime Timestamp Whitelist creation time
    ModifyTime Timestamp Whitelist modification time
    MachineName String Server name
    HostIp String Server IP
    StartTime String Start time
    EndTime String End time

    LoginWhiteListsRule

    Whitelist rule

    Used by actions: AddLoginWhiteList, ModifyLoginWhiteList.

    Name Type Required Description
    Places Array of Place Yes Whitelisted location
    SrcIp String Yes Whitelisted IPs (separated by commas). This parameter can be an IP range.
    UserName String Yes Whitelisted usernames (separated by commas)
    IsGlobal Boolean Yes Whether this rule is applied to all servers under the current account
    HostIp String Yes Server for which the allowlist takes effect
    Id Integer No Rule ID, used for rule updating
    StartTime String No Start time
    EndTime String No End time

    Machine

    Server list

    Used by actions: DescribeMachines.

    Name Type Description
    MachineName String Server name.
    MachineOs String Server OS.
    MachineStatus String Server status.
  • OFFLINE: offline
  • ONLINE: online
  • MACHINE_STOPPED: shut down
    		•
    Uuid String CWP agent Uuid. If the agent is offline for a long time, a null character will be returned.
    Quuid String CVM or BM instance Uuid.
    VulNum Integer Number of vulnerabilities.
    MachineIp String Server IP.
    IsProVersion Boolean Whether the server has enabled CWP Pro.
  • true: yes
  • false: no
    		•
    MachineWanIp String Public IP of server.
    PayMode String Server status.
  • POSTPAY: post-paid, i.e., pay-as-you-go
    • MalwareNum Integer Number of trojans.
    Tag Array of MachineTag Tag information
    BaselineNum Integer Number of baseline risks.
    CyberAttackNum Integer Number of network risks.
    SecurityStatus String Risk status.
  • SAFE: safe
  • RISK: at risk
  • UNKNOWN: unknown
    		•
    InvasionNum Integer Number of intrusions
    RegionInfo RegionInfo Region information

    MachineTag

    Server tag information

    Used by actions: DescribeMachines.

    Name Type Description
    Rid Integer Associated tag ID
    Name String Tag name
    TagId Integer Tag ID

    MaliciousRequest

    Malicious request data.

    Used by actions: DescribeMaliciousRequests.

    Name Type Description
    Id Integer Record ID.
    Uuid String CWP agent UUID.
    MachineIp String Private IP of server.
    MachineName String Server name.
    Domain String Malicious request domain name.
    Count Integer Number of malicious requests.
    ProcessName String Process name.
    Status String Record status.
  • UN_OPERATED: to be processed
  • TRUSTED: trusted
  • UN_TRUSTED: untrusted
    		•
    Description String Malicious request domain name description.
    Reference String Reference address.
    CreateTime Timestamp Discovery time.
    MergeTime Timestamp Record merge time.
    ProcessMd5 String Process MD5
    Value.
    CmdLine String Executed command line.
    Pid Integer Process PID.

    Malware

    Trojan information

    Used by actions: DescribeMalwares.

    Name Type Description
    Id Integer Event ID.
    MachineIp String Server IP.
    Status String Current trojan status.
  • UN_OPERATED: not processed
  • SEGREGATED: isolated
  • TRUSTED: trusted
  • SEPARATING: isolating
  • RECOVERING: recovering
    		•
    FilePath String Trojan path.
    Description String Trojan description.
    MachineName String Server name.
    FileCreateTime Timestamp Trojan file creation time.
    ModifyTime Timestamp Trojan file modification time.
    Uuid String CWP agent UUID.

    NonLocalLoginPlace

    Unusual login location

    Used by actions: DescribeNonlocalLoginPlaces.

    Name Type Description
    Id Integer Event ID.
    MachineIp String Server IP.
    Status String Login status
  • NON_LOCAL_LOGIN: unusual login location
  • NORMAL_LOGIN: intended login
    		•
    UserName String Username.
    City Integer City ID.
    Country Integer Country/Region ID.
    Province Integer Province/State ID.
    SrcIp String Login IP.
    MachineName String Server name.
    LoginTime Timestamp Login time.
    Uuid String CWP agent Uuid.

    OpenPort

    Port list

    Used by actions: DescribeOpenPorts.

    Name Type Description
    Id Integer Unique ID.
    Uuid String CWP agent UUID.
    Port Integer Open port number.
    MachineIp String Server IP.
    MachineName String Server name.
    ProcessName String Process name corresponding to port.
    Pid Integer Process Pid corresponding to port.
    CreateTime Timestamp Record creation time.
    ModifyTime Timestamp Record update time.

    OpenPortStatistics

    Port statistics list

    Used by actions: DescribeOpenPortStatistics.

    Name Type Description
    Port Integer Port number
    MachineNum Integer Number of servers

    Place

    Login location information

    Used by actions: AddLoginWhiteList, CreateUsualLoginPlaces, DescribeLoginWhiteList, ModifyLoginWhiteList.

    Name Type Required Description
    CityId Integer Yes City ID.
    ProvinceId Integer Yes Province/State ID.
    CountryId Integer Yes Country/Region ID. Currently, only 1 (Mainland China) is supported.

    Process

    Process information.

    Used by actions: DescribeProcesses.

    Name Type Description
    Id Integer Unique ID.
    Uuid String CWP agent UUID.
    MachineIp String Private IP of server.
    MachineName String Server name.
    Pid Integer Process Pid.
    Ppid Integer Process Ppid.
    ProcessName String Process name.
    Username String Process username.
    Platform String OS.
  • WIN32: Windows 32-bit
  • WIN64: Windows 64-bit
  • LINUX32: Linux 32-bit
  • LINUX64: Linux 64-bit
    		•
    FullPath String Process path.
    CreateTime Timestamp Creation time.

    ProcessStatistics

    Process statistics.

    Used by actions: DescribeProcessStatistics.

    Name Type Description
    ProcessName String Process name.
    MachineNum Integer Number of servers.

    RegionInfo

    Region information

    Used by actions: DescribeMachines.

    Name Type Description
    Region String Region, such as ap-guangzhou, ap-shanghai and ap-beijing
    RegionName String Region name, such as South China (Guangzhou), East China (Shanghai), and North China (Beijing)
    RegionId Integer Region ID
    RegionCode String Region code, such as gz, sh, and bj

    SecurityDynamic

    Security event message data.

    Used by actions: DescribeSecurityDynamics.

    Name Type Description
    Uuid String CWP agent UUID.
    EventTime Timestamp Security event occurrence time.
    EventType String Security event type.
  • MALWARE: trojan event
  • NON_LOCAL_LOGIN: unusual login location
  • BRUTEATTACK_SUCCESS: brute force attack succeeded
  • VUL: vulnerability
  • BASELINE: security baseline
    		•
    Message String Security event message.
    SecurityLevel String Security event level.
  • RISK: severe
  • HIGH: high
  • NORMAL: medium
  • LOW: low
    		•

    SecurityTrend

    Security trend statistics.

    Used by actions: DescribeSecurityTrends.

    Name Type Description
    Date Date Event time.
    EventNum Integer Number of events.

    Tag

    Tag information

    Used by actions: DescribeTags.

    Name Type Description
    Id Integer Tag ID
    Name String Tag name
    Count Integer Number of servers

    TagMachine

    Tagged server information

    Used by actions: DescribeTagMachines.

    Name Type Description
    Id String ID
    Quuid String Server ID
    MachineName String Server name
    MachineIp String Private IP of server
    MachineWanIp String Public IP of server
    MachineRegion String Server region
    MachineType String Server region type

    UsualPlace

    Usual login location

    Used by actions: DescribeUsualLoginPlaces.

    Name Type Description
    Id Integer ID.
    Uuid String CWP agent UUID.
    CountryId Integer Country/Region ID.
    ProvinceId Integer Province/State ID.
    CityId Integer City ID.

    Vul

    Vulnerability list data

    Used by actions: DescribeVuls.

    Name Type Description
    VulId Integer Vulnerability category ID
    VulName String Vulnerability name
    VulLevel String Vulnerability severity level:
    HIGH: high
    MIDDLE: medium
    LOW: low
    NOTICE: notice
    LastScanTime Timestamp Last scanned time
    ImpactedHostNum Integer Number of affected servers
    VulStatus String Vulnerability status
    * UN_OPERATED: to be processed
    * FIXED: fixed

    WeeklyReport

    Weekly report list.

    Used by actions: DescribeWeeklyReports.

    Name Type Description
    BeginDate Date Weekly report start time.
    EndDate Date Weekly report end time.

    WeeklyReportBruteAttack

    Brute force attack data in weekly CWP Pro report.

    Used by actions: DescribeWeeklyReportBruteAttacks.

    Name Type Description
    MachineIp String Server IP.
    Username String Hacked username.
    SrcIp String Source IP.
    Count Integer Number of attempts.
    AttackTime Timestamp Attack time.

    WeeklyReportMalware

    Trojan data in weekly CWP Pro report.

    Used by actions: DescribeWeeklyReportMalwares.

    Name Type Description
    MachineIp String Server IP.
    FilePath String Trojan file path.
    Md5 String Trojan file MD5 value.
    FindTime Timestamp Trojan discovery time.
    Status String Current trojan status.
  • UN_OPERATED: not processed
  • SEGREGATED: isolated
  • TRUSTED: trusted
  • SEPARATING: isolating
  • RECOVERING: recovering
    		•

    WeeklyReportNonlocalLoginPlace

    Unusual login location data in weekly CWP Pro report

    Used by actions: DescribeWeeklyReportNonlocalLoginPlaces.

    Name Type Description
    MachineIp String Server IP.
    Username String Username.
    SrcIp String Source IP.
    Country Integer Country/Region ID.
    Province Integer Province/State ID.
    City Integer City ID.
    LoginTime Timestamp Login time.

    WeeklyReportVul

    Vulnerability data in weekly CWP Pro report.

    Used by actions: DescribeWeeklyReportVuls.

    Name Type Description
    MachineIp String Private IP of server.
    VulName String Vulnerability name.
    VulType String Vulnerability type.
  • WEB: web vulnerability
  • SYSTEM: system component vulnerability
  • BASELINE: security baseline
    		•
    Description String Vulnerability description.
    VulStatus String Vulnerability status.
  • UN_OPERATED: to be processed
  • SCANING: scanning
  • FIXED: fixed
    		•
    LastScanTime Timestamp Last scanned time.
    Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
    隐私条款服务条款缓存条款