getAVList
- Print
- PDF
getAVList
- Print
- PDF
Article Summary
Share feedback
Thanks for sharing your feedback!
Overview
- The getAVList API is a feature provided by the "Anti-Virus" of "Security Monitoring" that allows you to check the list of security events detected by the Anti-Virus.
- The API request must be IAM-authenticated via API Gateway.
Request
Platform | Method | Request URI |
---|---|---|
Classic | POST | https://securitymonitoring.apigw.ntruss.com/securitymonitoring/v1/getAVList |
VPC | POST | https://securitymonitoring.apigw.ntruss.com/vsecuritymonitoring/v1/getAVList |
Request Header
Header | Description |
---|---|
x-ncp-apigw-timestamp | It is the number of milliseconds that have elapsed since January 1, 1970 00:00:00 UTC. If the time difference with the API Gateway server is more than 5 minutes, the request is considered invalid. |
x-ncp-iam-access-key | API key issued by NAVER Cloud Platform or access key issued by IAM |
x-ncp-apigw-signature-v2 | Signature used to encrypt the body with the “secret key” that maps with the “access key.” The HMAC encryption algorithm is HMAC SHA256. Reference Call APIs that require IAM authentication |
Request parameters
Parameter | Required | Type | Description |
---|---|---|---|
startDateTime | Yes | long | Event search start time |
endDateTime | Yes | long | Event search end time |
page | Yes | int | Page Number |
countPerPage | Yes | int | Number of displayed items per page |
order | No | string | Sort by Event detection time(asc, desc) default value : desc |
regionCode | No | string | Region code (Korea: KR , Germany:DEN , Japan:JPN , Singapore:SGN , USW:USWN ) |
zoneName | No | string | Zone(KR-1, KR-2) |
infectedServerIp | No | string | Detection IP |
detectionPath | No | string | Detection Path |
malwareType | No | string | Detection Name |
Response
Response body
Field | Type | Description |
---|---|---|
returnCode | string | Response code |
returnMessage | string | Response message |
totalRows | int | This is the total number of getAVList. |
page | int | This is the requested page number. |
antiVirusDataList[] | array | Event List |
antiVirusDataList[].ticketId | string | Event Number |
antiVirusDataList[].date | string | Event detection time |
antiVirusDataList[].product | string | Product sortation classic : ANTIVIRUS , vpc : ANTIVIRUS_V2 |
antiVirusDataList[].attackType | string | Detection Name |
antiVirusDataList[].targetIp | string | Detection IP |
antiVirusDataList[].detectionPath | string | Detection Path |
antiVirusDataList[].actionStatus | string | Status |
antiVirusDataList[].region | string | Region |
antiVirusDataList[].zoneName | string | ZoneKR-1 , JPN-1 ) |
antiVirusDataList[].platForm | string | Platform(CLASSIC, VPC) |
antiVirusDataList[].vpcName | string | VPC nameUse only in VPC |
Examples
Request example(Classic)
curl -X POST "https://securitymonitoring.apigw.ntruss.com/securitymonitoring/v1/getAVList"
-H "accept: application/json"
-H "x-ncp-apigw-api-key: {x-ncp-apigw-api-key}"
-H "x-ncp-iam-access-key: {x-ncp-iam-access-key}"
-H "x-ncp-apigw-timestamp: {x-ncp-apigw-timestamp}"
-H "x-ncp-apigw-signature-v2: {x-ncp-apigw-signature-v2}"
-d {"startDateTime": {startDateTime},
"endDateTime": {endDateTime},
"page": {page},
"countPerPage": {countPerPage}
}
Request example(VPC)
curl -X POST "https://securitymonitoring.apigw.ntruss.com/vsecuritymonitoring/v1/getAVList"
-H "accept: application/json"
-H "x-ncp-apigw-api-key: {x-ncp-apigw-api-key}"
-H "x-ncp-iam-access-key: {x-ncp-iam-access-key}"
-H "x-ncp-apigw-timestamp: {x-ncp-apigw-timestamp}"
-H "x-ncp-apigw-signature-v2: {x-ncp-apigw-signature-v2}"
-d {"startDateTime": {startDateTime},
"endDateTime": {endDateTime},
"page": {page},
"countPerPage": {countPerPage}
}
Response example
{
"returnCode": "0",
"returnMessage": "SUCCESS",
"totalRows": 1,
"page": 1,
"antiVirusDataList": [
{
"ticketId": "1",
"date": "1600327664000",
"product": "ANTIVIRUS_V2",
"attackType": "Eicar_test_file",
"targetIp": "10.0.1.7",
"detectionPath": "/root/avtest1.sh",
"actionStatus": "Quarantine",
"region": "Korea",
"zoneName": "KR-1",
"platForm": "VPC",
"vpcName": "vpc-test"
}
]
}
Was this article helpful?