Security Monitoring overview

Prev Next

Available in Classic and VPC

Security Monitoring is a NAVER Cloud Platform service that provides an automated security system that monitors external security threats in real time and efficiently responds to detected events. The Security Monitoring service provides APIs for Anti-virus service, Anti-DDoS (Anti-Distributed Denial of Service) service, IDS (Intrusion Detection System) service, IPS (Intrusion Prevention System) service, and WAF (Web Application Firewall) service features in RESTful form.

Common Security Monitoring settings

The following describes commonly used request and response formats in Security Monitoring APIs.

Request

The following describes the common request format.

API URL

The request API URL is as follows:

Classic: https://securitymonitoring.apigw.ntruss.com/securitymonitoring/v1/
VPC: https://securitymonitoring.apigw.ntruss.com/vsecuritymonitoring/v1/

Request headers

The following describes the request headers.

The following table lists the request headers for IAM authentication.

Field Required Description
x-ncp-apigw-timestamp Required This is the number of milliseconds that have elapsed since January 1, 1970 00:00:00 UTC.
  • Request is considered invalid if the timestamp differs from the current time by more than 5 minutes.
    		•
    x-ncp-iam-access-key Required Access key issued on NAVER Cloud Platform
  • Issue and check access key: See Create authentication key.
  • Issue and check access key for sub account: See Create sub account.
    		•
    x-ncp-apigw-signature-v2 Required Base64-encoded signature that encrypts the request information with a secret key that maps to the access key issued on NAVER Cloud Platform, using the HMAC encryption algorithm (HmacSHA256)
  • Issue and check secret key: See Create authentication key.
  • Create signature: See Create signature.
    		•
    content-type Required Request data format
  • application/json
    		•

    Response

    The following describes the common response format.

    Response status codes

    The following describes the response status codes.

    HTTP status code Code Message Description
    200 0 SUCCESS Success
    200 9 Internal Error Acquired Internal error
    400 100 Bad Request Exception Request syntax error
    401 200 Authentication Failed Authentication failed
    401 210 Permission Denied Access unauthorized
    403 -1 Permission Denied Access unauthorized
    404 300 Not Found Exception Resource not found
    429 400 Quota Exceeded Request quota exceeded
    429 410 Throttle Limited Too fast or frequent requests
    429 420 Rate Limited Too many requests in a given time period
    413 430 Request Entity Too Large Request size exceeded
    503 500 Endpoint Error Endpoint error
    504 510 Endpoint Timeout Endpoint timeout
    500 900 Unexpected Error Unknown error
    Note

    For response status codes common to NAVER Cloud Platform, see Ncloud API response status codes.

    Security Monitoring API

    The following describes the APIs provided by the Key Management Service API service.

    API Description
    getAVList Get the list of security events that occurred while using the Anti-virus service.
    getDDoSList Get the list of security events that occurred while using the Anti-DDoS service.
    getDDoSEventDetail Get details of a security event that occurred while using the Anti-DDoS service.
    getIDSList Get the list of security events that occurred while using the IDS service.
    getIDSEventDetail Get details of a security event that occurred while using the IDS service.
    getIPSList Get the list of security events that occurred while using the IPS service.
    getWAFList Get the list of security events that occurred while using the WAF service.

    Security Monitoring related resources

    NAVER Cloud Platform provides a variety of related resources to help users better understand Security Monitoring APIs.