MENU
      getAVList

        getAVList


        Article summary

        Available in Classic and VPC

        Get the list of security events that occurred while using the Anti-virus service.

        Request

        The following describes the request format for the endpoint. The request format is as follows:

        MethodURI
        POST/getAVList

        Request headers

        For headers common to Security Monitoring APIs, see Security Monitoring request headers.

        Request body

        The following describes the request body.

        FieldTypeRequiredDescription
        startDateTimeLongRequiredSecurity event query start time (Unix timestamp)
        • <E.g.> 1720540427000
        endDateTimeLongRequiredSecurity event query end time (Unix timestamp)
        • <E.g.> 1720540427000
        pageIntegerRequiredPage number
        countPerPageIntegerRequiredDisplayed number per page
        orderStringOptionalEvent detection time sort order
        • asc | desc (default)
          • asc: ascending
          • desc: descending
        regionCodeStringOptionalRegion code
        • KR | DEN | JPN | SGN | USWN
          • KR: Korea
          • DEN: Germany
          • JPN: Japan
          • SGN: Singapore
          • USWN: U.S.
        zoneNameStringOptionalZone type
        • KR-1 | KR-2
        infectedServerIpStringOptionalIP address of the server where the security event was detected
        detectionPathStringOptionalDetailed path where the security event was detected
        malwareTypeStringOptionalType of malware detected

        Request example

        The following is a sample request.

        curl --location --request POST 'https://securitymonitoring.apigw.ntruss.com/vsecuritymonitoring/v1/getAVList'
        --header 'x-ncp-apigw-timestamp: {Timestamp}'
        --header 'x-ncp-iam-access-key: {Access Key}'
        --header 'x-ncp-apigw-signature-v2: {API Gateway Signature}'
        --data '{
            "startDateTime": 1720540427000,
            "endDateTime": 1720680827000,
            "page": 1,
            "countPerPage": 20
        }'
        Curl

        Response

        The following describes the response format.

        Response body

        The following describes the response body.

        FieldTypeRequiredDescription
        returnCodeInteger-Processing result code for the request
        returnMessageString-Processing result message for the request
        totalRowsInteger-Total number of lists searched
        pageInteger-No. of page requested
        antiVirusDataList[]Array-Anti-virus security event list
        antiVirusDataList[].ticketIdString-Unique number assigned to the security event
        antiVirusDataList[].dateString-Detection time of the security event (Unix timestamp)
        antiVirusDataList[].productString-Service type
        • ANTIVIRUS | ANTIVIRUS_V2
          • ANTIVIRUS: Classic environment
          • ANTIVIRUS_V2: VPC environment
        antiVirusDataList[].attackTypeString-Name of the detected malicious file
        antiVirusDataList[].targetIpString-IP address targeted for the attack
        antiVirusDataList[].detectionPathString-Detailed path where the malware was detected
        antiVirusDataList[].actionStatusString-Action status for the security event
        antiVirusDataList[].regionString-Region
        antiVirusDataList[].zoneNameString-Zone type
        • KR-1 | KR-2
        antiVirusDataList[].platFormString-Platform type
        • CLASSIC | VPC
        antiVirusDataList[].vpcNameString-VPC name

        Response status codes

        For error codes common to Security Monitoring APIs, see Common Security Monitoring error codes.

        Response example

        The following is a sample example.

        {
            "returnCode": 0,
            "returnMessage": "SUCCESS",
            "totalRows": 1,
            "page": 1,
            "antiVirusDataList": [
                {
                    "ticketId": "526542395",
                    "date": "1720649241000",
                    "product": "ANTIVIRUS_V2",
                    "attackType": "Possible_Hifrm-6",
                    "targetIp": "***.***.***.***",
                    "detectionPath": "/home/admin/www/include/ckeditor/uploads/e47f3ef3e76a23074bc4e959b1c6e55d.jpg",
                    "actionStatus": "Pass",
                    "region": "Korea",
                    "zoneName": "KR-2",
                    "platForm": "VPC",
                    "vpcName": "kr-sm-vpc"
                }
            ]
        }
        JSON

        Was this article helpful?

        Changing your password will log you out immediately. Use the new password to log back in.
        First name must have atleast 2 characters. Numbers and special characters are not allowed.
        Last name must have atleast 1 characters. Numbers and special characters are not allowed.
        Enter a valid email
        Enter a valid password
        Your profile has been successfully updated.