安全云脑 SECMASTER-更新告警:响应示例

时间:2023-12-06 18:52:41

响应示例

状态码: 200

更新告警返回body体

{
  "code" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
  "message" : "Error message",
  "data" : {
    "data_object" : {
      "version" : "1.0",
      "environment" : {
        "vendor_type" : "MyXXX",
        "domain_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
        "region_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
        "project_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f"
      },
      "data_source" : {
        "source_type" : 3,
        "domain_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
        "project_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
        "region_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f"
      },
      "first_observed_time" : "2021-01-30T23:00:00Z+0800",
      "last_observed_time" : "2021-01-30T23:00:00Z+0800",
      "create_time" : "2021-01-30T23:00:00Z+0800",
      "arrive_time" : "2021-01-30T23:00:00Z+0800",
      "title" : "MyXXX",
      "description" : "This my XXXX",
      "source_url" : "http://xxx",
      "count" : 4,
      "confidence" : 4,
      "severity" : "TIPS",
      "criticality" : 4,
      "alert_type" : { },
      "network_list" : [ {
        "direction" : {
          "IN" : null
        },
        "protocol" : "TCP",
        "src_ip" : "192.168.0.1",
        "src_port" : "1",
        "src_domain" : "xxx",
        "dest_ip" : "192.168.0.1",
        "dest_port" : "1",
        "dest_domain" : "xxx",
        "src_geo" : {
          "latitude" : 90,
          "longitude" : 180
        },
        "dest_geo" : {
          "latitude" : 90,
          "longitude" : 180
        }
      } ],
      "resource_list" : [ {
        "id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
        "name" : "MyXXX",
        "type" : "MyXXX",
        "domain_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
        "project_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
        "region_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
        "ep_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
        "ep_name" : "MyXXX",
        "tags" : "909494e3-558e-46b6-a9eb-07a8e18ca62f"
      } ],
      "remediation" : {
        "recommendation" : "MyXXX",
        "url" : "MyXXX"
      },
      "verification_state" : "Unknown – 未知,True_Positive – 确认,False_Positive – 误报。默认填写Unknown",
      "handle_status" : "Open – 打开,Block – 阻塞,Closed – 关闭。默认填写Open",
      "sla" : 60000,
      "update_time" : "2021-01-30T23:00:00Z+0800",
      "close_time" : "2021-01-30T23:00:00Z+0800",
      "ipdrr_phase" : "Prepartion|Detection and Analysis|Containm,Eradication& Recovery| Post-Incident-Activity",
      "simulation" : "false",
      "actor" : "刘一博",
      "owner" : "MyXXX",
      "creator" : "MyXXX",
      "close_reason" : "误检;已解决;重复;其他",
      "close_comment" : "误检;已解决;重复;其他",
      "malware" : {
        "malware_family" : "family",
        "malware_class" : "恶意占用内存"
      },
      "system_info" : { },
      "process" : [ {
        "process_name" : "MyXXX",
        "process_path" : "MyXXX",
        "process_pid" : 123,
        "process_uid" : 123,
        "process_cmdline" : "MyXXX"
      } ],
      "user_info" : [ {
        "user_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
        "user_name" : "MyXXX"
      } ],
      "file_info" : [ {
        "file_path" : "MyXXX",
        "file_content" : "MyXXX",
        "file_new_path" : "MyXXX",
        "file_hash" : "MyXXX",
        "file_md5" : "MyXXX",
        "file_sha256" : "MyXXX",
        "file_attr" : "MyXXX"
      } ],
      "system_alert_table" : { },
      "id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
      "workspace_id" : "909494e3-558e-46b6-a9eb-07a8e18ca620"
    },
    "create_time" : "2021-01-30T23:00:00Z+0800",
    "update_time" : "2021-01-30T23:00:00Z+0800",
    "project_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
    "workspace_id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
    "id" : "MyXXX",
    "version" : 11,
    "format_version" : 11,
    "dataclass_ref" : {
      "id" : "909494e3-558e-46b6-a9eb-07a8e18ca62f",
      "name" : "MyXXX"
    }
  }
}
support.huaweicloud.com/api-secmaster/ChangeAlert.html