Available in Classic and VPC
Get the list of security events that occurred while using the Anti-virus service.
Request
The following describes the request format for the endpoint. The request format is as follows:
| Method | URI |
|---|---|
| POST | /getAVList |
Request headers
For headers common to Security Monitoring APIs, see Security Monitoring request headers.
Request body
The following describes the request body.
| Field | Type | Required | Description |
|---|---|---|---|
startDateTime |
Long | Required | Security event query start time (Unix timestamp)
|
endDateTime |
Long | Required | Security event query end time (Unix timestamp)
|
page |
Integer | Required | Page number |
countPerPage |
Integer | Required | Displayed number per page |
order |
String | Optional | Event detection time sort order
|
regionCode |
String | Optional | Region code
|
zoneName |
String | Optional | Zone type
|
infectedServerIp |
String | Optional | IP address of the server where the security event was detected |
detectionPath |
String | Optional | Detailed path where the security event was detected |
malwareType |
String | Optional | Type of malware detected |
Request example
The following is a sample request.
curl --location --request POST 'https://securitymonitoring.apigw.ntruss.com/vsecuritymonitoring/v1/getAVList'
--header 'x-ncp-apigw-timestamp: {Timestamp}'
--header 'x-ncp-iam-access-key: {Access Key}'
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}'
--data '{
"startDateTime": 1720540427000,
"endDateTime": 1720680827000,
"page": 1,
"countPerPage": 20
}'
Response
The following describes the response format.
Response body
The following describes the response body.
| Field | Type | Required | Description |
|---|---|---|---|
returnCode |
Integer | - | Processing result code for the request |
returnMessage |
String | - | Processing result message for the request |
totalRows |
Integer | - | Total number of lists searched |
page |
Integer | - | No. of page requested |
antiVirusDataList[] |
Array | - | Anti-virus security event list |
antiVirusDataList[].ticketId |
String | - | Unique number assigned to the security event |
antiVirusDataList[].date |
String | - | Detection time of the security event (Unix timestamp) |
antiVirusDataList[].product |
String | - | Service type
|
antiVirusDataList[].attackType |
String | - | Name of the detected malicious file |
antiVirusDataList[].targetIp |
String | - | IP address targeted for the attack |
antiVirusDataList[].detectionPath |
String | - | Detailed path where the malware was detected |
antiVirusDataList[].actionStatus |
String | - | Action status for the security event |
antiVirusDataList[].region |
String | - | Region |
antiVirusDataList[].zoneName |
String | - | Zone type
|
antiVirusDataList[].platForm |
String | - | Platform type
|
antiVirusDataList[].vpcName |
String | - | VPC name |
Response status codes
For error codes common to Security Monitoring APIs, see Common Security Monitoring error codes.
Response example
The following is a sample example.
{
"returnCode": 0,
"returnMessage": "SUCCESS",
"totalRows": 1,
"page": 1,
"antiVirusDataList": [
{
"ticketId": "526542395",
"date": "1720649241000",
"product": "ANTIVIRUS_V2",
"attackType": "Possible_Hifrm-6",
"targetIp": "***.***.***.***",
"detectionPath": "/home/admin/www/include/ckeditor/uploads/e47f3ef3e76a23074bc4e959b1c6e55d.jpg",
"actionStatus": "Pass",
"region": "Korea",
"zoneName": "KR-2",
"platForm": "VPC",
"vpcName": "kr-sm-vpc"
}
]
}