Login
      Contents x
      getIPSList
        • Print
        • PDF
        Contents

        getIPSList

          • Print
          • PDF
          Article Summary

          Overview

          • The getIPSList API is a feature provided by the "IPS" of "Security Monitoring" that allows you to check the list of security events detected by the IPS.
          • The API request must be IAM-authenticated via API Gateway.

          Request

          PlatformMethodRequest URI
          ClassicPOSThttps://securitymonitoring.apigw.ntruss.com/securitymonitoring/v1/getIPSList
          VPCPOSThttps://securitymonitoring.apigw.ntruss.com/vsecuritymonitoring/v1/getIPSList

          Request Header

          HeaderDescription
          x-ncp-apigw-timestampIt is the number of milliseconds that have elapsed since January 1, 1970 00:00:00 UTC.
          If the time difference with the API Gateway server is more than 5 minutes, the request is considered invalid.
          x-ncp-iam-access-keyAPI key issued by NAVER Cloud Platform or access key issued by IAM
          x-ncp-apigw-signature-v2Signature used to encrypt the body with the “secret key” that maps with the “access key.”
          The HMAC encryption algorithm is HMAC SHA256.

          Reference Call APIs that require IAM authentication

          Request parameters

          ParameterRequiredTypeDescription
          startDateTimeYeslongEvent search start time
          endDateTimeYeslongEvent search end time
          pageYesintPage Number
          countPerPageYesintNumber of displayed items per page
          orderNostringSort by Event detection time(asc, desc)
          default value : desc
          regionCodeNostringRegion code
          (Korea:KR, Germany:DEN, Japan:JPN, Singapore:SGN, USW:USWN)
          zoneNameNostringZone(KR-1, KR-2)
          eventNmNostringEvent name
          attackIpNostringAttacker IP
          targetIpNostringTarget IP
          attackTypeNostringAttack Type
          Use only in Classic
          protocolNostringProtocol
          Use only in VPC

          Response

          Response body

          FieldTypeDescription
          returnCodestringResponse code
          returnMessagestringResponse message
          totalRowsintThis is the total number of getIPSList.
          pageintThis is the requested page number.
          ipsDataList[]arrayIPS Event List
          ipsDataList[].ticketIdstringIPS Event Number
          ipsDataList[].datestringEvent detection time
          ipsDataList[].productstringProduct sortation (classic : IPS, vpc : IPS_V2)
          ipsDataList[].eventNmstringEvent name
          ipsDataList[].attackerIpstringAttacker IP
          ipsDataList[].attackerPortstringAttacker Port
          ipsDataList[].targetIpstringTarget IP
          ipsDataList[].targetPortstringTarget Port
          ipsDataList[].detectstringNumber of detections
          ipsDataList[].attackTypestringAttack Type
          Use only in Classic
          ipsDataList[].protocolstringProtocol
          Use only in VPC
          ipsDataList[].regionstringRegion
          ipsDataList[].zoneNamestringZone(KR-1, KR-2)
          ipsDataList[].platFormstringPlatform(CLASSIC, VPC)
          ipsDataList[].vpcNamestringVPC name
          Use only in VPC

          Examples

          Request example(Classic)

          curl -X POST "https://securitymonitoring.apigw.ntruss.com/securitymonitoring/v1/getIPSList"
   -H "accept: application/json"
   -H "x-ncp-apigw-api-key: {x-ncp-apigw-api-key}"
   -H "x-ncp-iam-access-key: {x-ncp-iam-access-key}"
   -H "x-ncp-apigw-timestamp: {x-ncp-apigw-timestamp}"
   -H "x-ncp-apigw-signature-v2: {x-ncp-apigw-signature-v2}"
   -d {"startDateTime": {startDateTime},
         "endDateTime": {endDateTime},
         "page": {page},
         "countPerPage": {countPerPage}
   }

          Request example(VPC)

          curl -X POST "https://securitymonitoring.apigw.ntruss.com/vsecuritymonitoring/v1/getIPSList"
   -H "accept: application/json"
   -H "x-ncp-apigw-api-key: {x-ncp-apigw-api-key}"
   -H "x-ncp-iam-access-key: {x-ncp-iam-access-key}"
   -H "x-ncp-apigw-timestamp: {x-ncp-apigw-timestamp}"
   -H "x-ncp-apigw-signature-v2: {x-ncp-apigw-signature-v2}"
   -d {"startDateTime": {startDateTime},
         "endDateTime": {endDateTime},
         "page": {page},
         "countPerPage": {countPerPage}
    }

          Response example

          {
  "returnCode": "0",
  "returnMessage": "SUCCESS",
  "totalRows": 1,
  "page": 1,
  "ipsDataList": [
    {
        "ticketId": "66381",
        "date": "1600325545000",
        "product": "IPS_V2",
        "eventNm": "Test_Event",
        "attackType": null,
        "attackerIp": "10.0.4.10",
        "attackerPort": "2952",
        "targetIp": "10.0.1.7",
        "targetPort": "80",
        "protocol": "TCP",
        "detect": "9",
        "region": "Korea",
        "zoneName": "KR-1",
        "platForm": "VPC",
        "vpcName": "beta-vpc-test"
    }
  ]
}
          Was this article helpful?
          What's Next
          Change password!
          Changing your password will log you out immediately. Use the new password to log back in.
          Change profile
          Success!
          First name must have atleast 2 characters. Numbers and special characters are not allowed.
          Last name must have atleast 1 characters. Numbers and special characters are not allowed.
          Enter a valid email
          Enter a valid password
          Your profile has been successfully updated.
          Logout