getWAFList
- Print
- PDF
getWAFList
- Print
- PDF
Article Summary
Share feedback
Thanks for sharing your feedback!
Overview
- The getWAFList API is a feature provided by the "WAF" of "Security Monitoring" that allows you to check the list of security events detected by the WAF.
- The API request must be IAM-authenticated via API Gateway.
Request
Platform | Method | Request URI |
---|---|---|
Classic | POST | https://securitymonitoring.apigw.ntruss.com/securitymonitoring/v1/getWAFList |
VPC | POST | https://securitymonitoring.apigw.ntruss.com/vsecuritymonitoring/v1/getWAFList |
Request Header
Header | Description |
---|---|
x-ncp-apigw-timestamp | It is the number of milliseconds that have elapsed since January 1, 1970 00:00:00 UTC. If the time difference with the API Gateway server is more than 5 minutes, the request is considered invalid. |
x-ncp-iam-access-key | API key issued by NAVER Cloud Platform or access key issued by IAM |
x-ncp-apigw-signature-v2 | Signature used to encrypt the body with the “secret key” that maps with the “access key.” The HMAC encryption algorithm is HMAC SHA256. Reference Call APIs that require IAM authentication |
Request parameters
Parameter | Required | Type | Description |
---|---|---|---|
startDateTime | Yes | long | Event search start time |
endDateTime | Yes | long | Event search end time |
page | Yes | int | Page Number |
countPerPage | Yes | int | Number of displayed items per page |
order | No | string | Sort by Event detection time(asc, desc) default value : desc |
regionCode | No | string | Region code (Korea: KR , Germany:DEN , Japan:JPN , Singapore:SGN , USW:USWN ) |
zoneName | No | string | Zone(KR-1, KR-2) |
eventNm | No | string | Event name |
attackType | No | string | Attack Type |
attackIp | No | string | Attacker IP |
targetIp | No | string | Target IP |
Response
Response body
Field | Type | Description |
---|---|---|
returnCode | string | Response code |
returnMessage | string | Response message |
totalRows | int | This is the total number of getWAFList. |
page | int | This is the requested page number. |
wafDataList[] | array | WAF Event List |
wafDataList[].ticketId | string | WAF Event Number |
wafDataList[].date | string | Event detection time |
wafDataList[].product | string | Product sortation (classic : WAF, vpc : WAF_V2) |
wafDataList[].eventNm | string | Event name |
wafDataList[].attackerIp | string | Attacker IP |
wafDataList[].attackerPort | string | Attacker Port |
wafDataList[].targetIp | string | Target IP |
wafDataList[].targetPort | string | Target Port |
wafDataList[].attackType | string | Attack Type |
wafDataList[].region | string | Region |
wafDataList[].zoneName | string | Zone(KR-1, KR-2) |
wafDataList[].platForm | string | Platform(CLASSIC, VPC) |
wafDataList[].vpcName | string | VPC nameUse only in VPC |
Examples
Request example(Classic)
curl -X POST "https://securitymonitoring.apigw.ntruss.com/securitymonitoring/v1/getWAFList"
-H "accept: application/json"
-H "x-ncp-apigw-api-key: {x-ncp-apigw-api-key}"
-H "x-ncp-iam-access-key: {x-ncp-iam-access-key}"
-H "x-ncp-apigw-timestamp: {x-ncp-apigw-timestamp}"
-H "x-ncp-apigw-signature-v2: {x-ncp-apigw-signature-v2}"
-d {"startDateTime": {startDateTime},
"endDateTime": {endDateTime},
"page": {page},
"countPerPage": {countPerPage}
}
Request example(VPC)
curl -X POST "https://securitymonitoring.apigw.ntruss.com/vsecuritymonitoring/v1/getWAFList"
-H "accept: application/json"
-H "x-ncp-apigw-api-key: {x-ncp-apigw-api-key}"
-H "x-ncp-iam-access-key: {x-ncp-iam-access-key}"
-H "x-ncp-apigw-timestamp: {x-ncp-apigw-timestamp}"
-H "x-ncp-apigw-signature-v2: {x-ncp-apigw-signature-v2}"
-d {"startDateTime": {startDateTime},
"endDateTime": {endDateTime},
"page": {page},
"countPerPage": {countPerPage}
}
Response example
{
"returnCode": "0",
"returnMessage": "SUCCESS",
"totalRows": 1,
"page": 1,
"wafDataList": [
{
"ticketId": "66376",
"date": "1600203495000",
"product": "WAF_V2",
"eventNm": "WAF_TEST",
"attackType": "HTTP 메소드 제한 탐지",
"attackerIp": "10.33.7.6",
"attackerPort": "4443",
"targetIp": "10.10.10.1",
"targetPort": "8080",
"region": "Korea",
"zoneName": "KR-1",
"platForm": "VPC",
"vpcName": "beta-vpc-test"
}
]
}
Was this article helpful?