RubyGems - tencentcloud-sdk-cwp - Versions diffs - 3.0.540 → 3.0.542 - Mend

tencentcloud-sdk-cwp 3.0.540 → 3.0.542

Files changed (5) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b411e50f6dd6ed81e4999e12b2d15d248c48ed69
-  data.tar.gz: 91b299c9c39f98fad187cef63a0fbefa27899408
+  metadata.gz: cd80a2bd287ee68aa40ee82d40ccf4231b48473a
+  data.tar.gz: cee1edbab4b4d7b7a9257f34b1ca089ab6c245ff
 SHA512:
-  metadata.gz: 720e87536ab0e1dcb3731e965e82c0c0949654ea32ef6fadfa7d60179dac7b53e499ae353bbadbf9ed556bc51cf783505083bf3128801a36d83a34fc415d2338
-  data.tar.gz: 78d51af69485ac23ac400a9161507e4db7ef60b524ff64557535a63df3516ab17f18f3f5d4520ec2f25144f6391e39dc790996b5d1d33b0fd0808239d579e9b6
+  metadata.gz: 13907923bcdecd6bda711b408dcf0d0808d0f8782f427fa0faff49260829796d5111b799e0594518ee685b429020bcf14359760422559ae87036500429a9db9f
+  data.tar.gz: b8655d1c97fd569d36bd3f9a8b867b30358f9a8951b9083b953f869c01dc9709412fcb4d8de98e4956562d61c4137de7c8a6a3acfb316045ef0d88e577c8f827

data/lib/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 3.0.~~540~~
1	+ 3.0.542

data/lib/v20180228/client.rb CHANGED Viewed

@@ -2504,6 +2504,30 @@ module TencentCloud
           raise TencentCloud::Common::TencentCloudSDKException.new(nil, e.inspect)
         end
+        # 查询高危命令事件详情(新)
+        # @param request: Request instance for DescribeBashEventsInfoNew.
+        # @type request: :class:`Tencentcloud::cwp::V20180228::DescribeBashEventsInfoNewRequest`
+        # @rtype: :class:`Tencentcloud::cwp::V20180228::DescribeBashEventsInfoNewResponse`
+        def DescribeBashEventsInfoNew(request)
+          body = send_request('DescribeBashEventsInfoNew', request.serialize)
+          response = JSON.parse(body)
+          if response['Response'].key?('Error') == false
+            model = DescribeBashEventsInfoNewResponse.new
+            model.deserialize(response['Response'])
+            model
+          else
+            code = response['Response']['Error']['Code']
+            message = response['Response']['Error']['Message']
+            reqid = response['Response']['RequestId']
+            raise TencentCloud::Common::TencentCloudSDKException.new(code, message, reqid)
+          end
+        rescue TencentCloud::Common::TencentCloudSDKException => e
+          raise e
+        rescue StandardError => e
+          raise TencentCloud::Common::TencentCloudSDKException.new(nil, e.inspect)
+        end
         # 获取高危命令列表(新)
         # @param request: Request instance for DescribeBashEventsNew.
@@ -3776,6 +3800,30 @@ module TencentCloud
           raise TencentCloud::Common::TencentCloudSDKException.new(nil, e.inspect)
         end
+        # 获取恶意请求事件列表
+        # @param request: Request instance for DescribeRiskDnsEventList.
+        # @type request: :class:`Tencentcloud::cwp::V20180228::DescribeRiskDnsEventListRequest`
+        # @rtype: :class:`Tencentcloud::cwp::V20180228::DescribeRiskDnsEventListResponse`
+        def DescribeRiskDnsEventList(request)
+          body = send_request('DescribeRiskDnsEventList', request.serialize)
+          response = JSON.parse(body)
+          if response['Response'].key?('Error') == false
+            model = DescribeRiskDnsEventListResponse.new
+            model.deserialize(response['Response'])
+            model
+          else
+            code = response['Response']['Error']['Code']
+            message = response['Response']['Error']['Message']
+            reqid = response['Response']['RequestId']
+            raise TencentCloud::Common::TencentCloudSDKException.new(code, message, reqid)
+          end
+        rescue TencentCloud::Common::TencentCloudSDKException => e
+          raise e
+        rescue StandardError => e
+          raise TencentCloud::Common::TencentCloudSDKException.new(nil, e.inspect)
+        end
         # 入侵检测，获取恶意请求列表
         # @param request: Request instance for DescribeRiskDnsList.

data/lib/v20180228/models.rb CHANGED Viewed

@@ -3877,6 +3877,141 @@ module TencentCloud
         end
       end
+      # 高危命令数据详情(新)
+      class BashEventsInfoNew < TencentCloud::Common::AbstractModel
+        # @param Id: 数据ID
+        # @type Id: Integer
+        # @param Uuid: 云镜ID
+        # @type Uuid: String
+        # @param Quuid: 主机ID
+        # @type Quuid: String
+        # @param HostIp: 主机内网IP
+        # @type HostIp: String
+        # @param Platform: 平台类型
+        # @type Platform: Integer
+        # @param BashCmd: 执行命令
+        # @type BashCmd: String
+        # @param RuleId: 规则ID,等于0表示已规则已被删除或生效范围已修改
+        # @type RuleId: Integer
+        # @param RuleName: 规则名称
+        # @type RuleName: String
+        # @param RuleLevel: 规则等级：1-高 2-中 3-低
+        # @type RuleLevel: Integer
+        # @param Status: 处理状态： 0 = 待处理 1= 已处理, 2 = 已加白， 3= 已忽略
+        # @type Status: Integer
+        # @param CreateTime: 发生时间
+        # @type CreateTime: String
+        # @param MachineName: 主机名
+        # @type MachineName: String
+        # @param Exe: 进程名称
+        # 注意：此字段可能返回 null，表示取不到有效值。
+        # @type Exe: String
+        # @param ModifyTime: 处理时间
+        # 注意：此字段可能返回 null，表示取不到有效值。
+        # @type ModifyTime: String
+        # @param RuleCategory: 规则类别  0=系统规则，1=用户规则
+        # 注意：此字段可能返回 null，表示取不到有效值。
+        # @type RuleCategory: Integer
+        # @param RegexBashCmd: 自动生成的正则表达式
+        # 注意：此字段可能返回 null，表示取不到有效值。
+        # @type RegexBashCmd: String
+        # @param PsTree: 进程树 json  pid:进程id，exe:文件路径 ，account:进程所属用组和用户 ,cmdline:执行命令，ssh_service: SSH服务ip, ssh_soure:登录源
+        # 注意：此字段可能返回 null，表示取不到有效值。
+        # @type PsTree: String
+        # @param SuggestScheme: 建议方案
+        # 注意：此字段可能返回 null，表示取不到有效值。
+        # @type SuggestScheme: String
+        # @param HarmDescribe: 描述
+        # 注意：此字段可能返回 null，表示取不到有效值。
+        # @type HarmDescribe: String
+        # @param Tags: 标签
+        # 注意：此字段可能返回 null，表示取不到有效值。
+        # @type Tags: Array
+        # @param References: 参考链接
+        # 注意：此字段可能返回 null，表示取不到有效值。
+        # @type References: Array
+        # @param MachineWanIp: 主机外网ip
+        # 注意：此字段可能返回 null，表示取不到有效值。
+        # @type MachineWanIp: String
+        # @param MachineStatus: 主机在线状态 OFFLINE  ONLINE
+        # 注意：此字段可能返回 null，表示取不到有效值。
+        # @type MachineStatus: String
+        # @param User: 登录用户
+        # 注意：此字段可能返回 null，表示取不到有效值。
+        # @type User: String
+        # @param Pid: 进程号
+        # 注意：此字段可能返回 null，表示取不到有效值。
+        # @type Pid: String
+        # @param MachineType: 0:普通 1:专业版 2:旗舰版
+        # 注意：此字段可能返回 null，表示取不到有效值。
+        # @type MachineType: Integer
+        # @param DetectBy: 检测来源 0:bash日志 1:实时监控
+        # 注意：此字段可能返回 null，表示取不到有效值。
+        # @type DetectBy: Integer
+        attr_accessor :Id, :Uuid, :Quuid, :HostIp, :Platform, :BashCmd, :RuleId, :RuleName, :RuleLevel, :Status, :CreateTime, :MachineName, :Exe, :ModifyTime, :RuleCategory, :RegexBashCmd, :PsTree, :SuggestScheme, :HarmDescribe, :Tags, :References, :MachineWanIp, :MachineStatus, :User, :Pid, :MachineType, :DetectBy
+        def initialize(id=nil, uuid=nil, quuid=nil, hostip=nil, platform=nil, bashcmd=nil, ruleid=nil, rulename=nil, rulelevel=nil, status=nil, createtime=nil, machinename=nil, exe=nil, modifytime=nil, rulecategory=nil, regexbashcmd=nil, pstree=nil, suggestscheme=nil, harmdescribe=nil, tags=nil, references=nil, machinewanip=nil, machinestatus=nil, user=nil, pid=nil, machinetype=nil, detectby=nil)
+          @Id = id
+          @Uuid = uuid
+          @Quuid = quuid
+          @HostIp = hostip
+          @Platform = platform
+          @BashCmd = bashcmd
+          @RuleId = ruleid
+          @RuleName = rulename
+          @RuleLevel = rulelevel
+          @Status = status
+          @CreateTime = createtime
+          @MachineName = machinename
+          @Exe = exe
+          @ModifyTime = modifytime
+          @RuleCategory = rulecategory
+          @RegexBashCmd = regexbashcmd
+          @PsTree = pstree
+          @SuggestScheme = suggestscheme
+          @HarmDescribe = harmdescribe
+          @Tags = tags
+          @References = references
+          @MachineWanIp = machinewanip
+          @MachineStatus = machinestatus
+          @User = user
+          @Pid = pid
+          @MachineType = machinetype
+          @DetectBy = detectby
+        end
+        def deserialize(params)
+          @Id = params['Id']
+          @Uuid = params['Uuid']
+          @Quuid = params['Quuid']
+          @HostIp = params['HostIp']
+          @Platform = params['Platform']
+          @BashCmd = params['BashCmd']
+          @RuleId = params['RuleId']
+          @RuleName = params['RuleName']
+          @RuleLevel = params['RuleLevel']
+          @Status = params['Status']
+          @CreateTime = params['CreateTime']
+          @MachineName = params['MachineName']
+          @Exe = params['Exe']
+          @ModifyTime = params['ModifyTime']
+          @RuleCategory = params['RuleCategory']
+          @RegexBashCmd = params['RegexBashCmd']
+          @PsTree = params['PsTree']
+          @SuggestScheme = params['SuggestScheme']
+          @HarmDescribe = params['HarmDescribe']
+          @Tags = params['Tags']
+          @References = params['References']
+          @MachineWanIp = params['MachineWanIp']
+          @MachineStatus = params['MachineStatus']
+          @User = params['User']
+          @Pid = params['Pid']
+          @MachineType = params['MachineType']
+          @DetectBy = params['DetectBy']
+        end
+      end
       # 高危命令规则
       class BashRule < TencentCloud::Common::AbstractModel
         # @param Id: 规则ID
@@ -10089,6 +10224,46 @@ module TencentCloud
         end
       end
+      # DescribeBashEventsInfoNew请求参数结构体
+      class DescribeBashEventsInfoNewRequest < TencentCloud::Common::AbstractModel
+        # @param Id: 事件id
+        # @type Id: Integer
+        attr_accessor :Id
+        def initialize(id=nil)
+          @Id = id
+        end
+        def deserialize(params)
+          @Id = params['Id']
+        end
+      end
+      # DescribeBashEventsInfoNew返回参数结构体
+      class DescribeBashEventsInfoNewResponse < TencentCloud::Common::AbstractModel
+        # @param BashEventsInfo: 事件详情
+        # 注意：此字段可能返回 null，表示取不到有效值。
+        # @type BashEventsInfo: :class:`Tencentcloud::Cwp.v20180228.models.BashEventsInfoNew`
+        # @param RequestId: 唯一请求 ID，每次请求都会返回。定位问题时需要提供该次请求的 RequestId。
+        # @type RequestId: String
+        attr_accessor :BashEventsInfo, :RequestId
+        def initialize(basheventsinfo=nil, requestid=nil)
+          @BashEventsInfo = basheventsinfo
+          @RequestId = requestid
+        end
+        def deserialize(params)
+          unless params['BashEventsInfo'].nil?
+            @BashEventsInfo = BashEventsInfoNew.new
+            @BashEventsInfo.deserialize(params['BashEventsInfo'])
+          end
+          @RequestId = params['RequestId']
+        end
+      end
       # DescribeBashEventsNew请求参数结构体
       class DescribeBashEventsNewRequest < TencentCloud::Common::AbstractModel
         # @param Limit: 返回数量，默认为10，最大值为100。
@@ -13682,6 +13857,84 @@ module TencentCloud
         end
       end
+      # DescribeRiskDnsEventList请求参数结构体
+      class DescribeRiskDnsEventListRequest < TencentCloud::Common::AbstractModel
+        # @param Filters: <li>IpOrName - String - 是否必填：否 - 主机Ip或别名筛选</li>
+        # <li>HostId - String - 是否必填：否 - 主机Id</li>
+        # <li>AgentId - String - 是否必填：否 - 客户端Id</li>
+        # <li>PolicyType - String - 是否必填：否 - 策略类型,0:系统策略1:用户自定义策略</li>
+        # <li>Domain - String - 是否必填：否 - 域名(先对域名做urlencode,再base64)</li>
+        # <li>HandleStatus - String - 是否必填：否 - 状态筛选0:待处理；2:信任；3:不信任</li>
+        # <li>BeginTime - String - 是否必填：否 - 最近访问开始时间</li>
+        # <li>EndTime - String - 是否必填：否 - 最近访问结束时间</li>
+        # @type Filters: Array
+        # @param Limit: 需要返回的数量，默认为10，最大值为100
+        # @type Limit: Integer
+        # @param Offset: 偏移量，默认为0。
+        # @type Offset: Integer
+        # @param Order: 排序方式：根据请求次数排序：[asc:升序|desc:降序]
+        # @type Order: String
+        # @param By: 排序字段：[AccessCount:请求次数|LastTime:最近请求时间]
+        # @type By: String
+        attr_accessor :Filters, :Limit, :Offset, :Order, :By
+        def initialize(filters=nil, limit=nil, offset=nil, order=nil, by=nil)
+          @Filters = filters
+          @Limit = limit
+          @Offset = offset
+          @Order = order
+          @By = by
+        end
+        def deserialize(params)
+          unless params['Filters'].nil?
+            @Filters = []
+            params['Filters'].each do |i|
+              filter_tmp = Filter.new
+              filter_tmp.deserialize(i)
+              @Filters << filter_tmp
+            end
+          end
+          @Limit = params['Limit']
+          @Offset = params['Offset']
+          @Order = params['Order']
+          @By = params['By']
+        end
+      end
+      # DescribeRiskDnsEventList返回参数结构体
+      class DescribeRiskDnsEventListResponse < TencentCloud::Common::AbstractModel
+        # @param List: 恶意请求事件列表
+        # 注意：此字段可能返回 null，表示取不到有效值。
+        # @type List: Array
+        # @param TotalCount: 总数
+        # @type TotalCount: Integer
+        # @param RequestId: 唯一请求 ID，每次请求都会返回。定位问题时需要提供该次请求的 RequestId。
+        # @type RequestId: String
+        attr_accessor :List, :TotalCount, :RequestId
+        def initialize(list=nil, totalcount=nil, requestid=nil)
+          @List = list
+          @TotalCount = totalcount
+          @RequestId = requestid
+        end
+        def deserialize(params)
+          unless params['List'].nil?
+            @List = []
+            params['List'].each do |i|
+              riskdnsevent_tmp = RiskDnsEvent.new
+              riskdnsevent_tmp.deserialize(i)
+              @List << riskdnsevent_tmp
+            end
+          end
+          @TotalCount = params['TotalCount']
+          @RequestId = params['RequestId']
+        end
+      end
       # DescribeRiskDnsList请求参数结构体
       class DescribeRiskDnsListRequest < TencentCloud::Common::AbstractModel
         # @param Limit: 需要返回的数量，默认为10，最大值为100
@@ -21100,6 +21353,122 @@ module TencentCloud
         end
       end
+      # 恶意请求事件
+      class RiskDnsEvent < TencentCloud::Common::AbstractModel
+        # @param Id: 事件Id
+        # @type Id: Integer
+        # @param PolicyId: 策略ID
+        # @type PolicyId: Integer
+        # @param PolicyType: 命中策略类型[-1:未知|0系统|1:用户]
+        # @type PolicyType: Integer
+        # @param PolicyName: 命中策略名称
+        # @type PolicyName: String
+        # @param ProtectLevel: 保护级别[0:基础版|1:专业版|2:旗舰版]
+        # @type ProtectLevel: Integer
+        # @param HostId: 主机ID
+        # @type HostId: String
+        # @param HostName: 主机名称
+        # @type HostName: String
+        # @param HostIp: 主机IP
+        # @type HostIp: String
+        # @param WanIp: 外网IP
+        # @type WanIp: String
+        # @param AgentId: 客户端ID
+        # @type AgentId: String
+        # @param Domain: 访问域名
+        # @type Domain: String
+        # @param Tags: 标签特性
+        # @type Tags: Array
+        # @param AccessCount: 访问次数
+        # @type AccessCount: Integer
+        # @param ThreatDesc: 威胁描述
+        # @type ThreatDesc: String
+        # @param SuggestSolution: 修复方案
+        # @type SuggestSolution: String
+        # @param ReferenceLink: 参考链接
+        # @type ReferenceLink: String
+        # @param HandleStatus: 处理状态；[0:待处理|2:已加白|3:非信任状态|4:已处理|5:已忽略]
+        # @type HandleStatus: Integer
+        # @param Pid: 进程ID
+        # @type Pid: Integer
+        # @param ProcessName: 进程名
+        # @type ProcessName: String
+        # @param ProcessMd5: 进程MD5
+        # @type ProcessMd5: String
+        # @param CmdLine: 命令行
+        # @type CmdLine: String
+        # @param FirstTime: 首次访问时间
+        # @type FirstTime: String
+        # @param LastTime: 最近访问时间
+        # @type LastTime: String
+        # @param HostStatus: 主机在线状态[OFFLINE:离线|ONLINE:在线|UNKNOWN:未知]
+        # @type HostStatus: String
+        # @param MachineExtraInfo: 附加信息
+        # 注意：此字段可能返回 null，表示取不到有效值。
+        # @type MachineExtraInfo: :class:`Tencentcloud::Cwp.v20180228.models.MachineExtraInfo`
+        attr_accessor :Id, :PolicyId, :PolicyType, :PolicyName, :ProtectLevel, :HostId, :HostName, :HostIp, :WanIp, :AgentId, :Domain, :Tags, :AccessCount, :ThreatDesc, :SuggestSolution, :ReferenceLink, :HandleStatus, :Pid, :ProcessName, :ProcessMd5, :CmdLine, :FirstTime, :LastTime, :HostStatus, :MachineExtraInfo
+        def initialize(id=nil, policyid=nil, policytype=nil, policyname=nil, protectlevel=nil, hostid=nil, hostname=nil, hostip=nil, wanip=nil, agentid=nil, domain=nil, tags=nil, accesscount=nil, threatdesc=nil, suggestsolution=nil, referencelink=nil, handlestatus=nil, pid=nil, processname=nil, processmd5=nil, cmdline=nil, firsttime=nil, lasttime=nil, hoststatus=nil, machineextrainfo=nil)
+          @Id = id
+          @PolicyId = policyid
+          @PolicyType = policytype
+          @PolicyName = policyname
+          @ProtectLevel = protectlevel
+          @HostId = hostid
+          @HostName = hostname
+          @HostIp = hostip
+          @WanIp = wanip
+          @AgentId = agentid
+          @Domain = domain
+          @Tags = tags
+          @AccessCount = accesscount
+          @ThreatDesc = threatdesc
+          @SuggestSolution = suggestsolution
+          @ReferenceLink = referencelink
+          @HandleStatus = handlestatus
+          @Pid = pid
+          @ProcessName = processname
+          @ProcessMd5 = processmd5
+          @CmdLine = cmdline
+          @FirstTime = firsttime
+          @LastTime = lasttime
+          @HostStatus = hoststatus
+          @MachineExtraInfo = machineextrainfo
+        end
+        def deserialize(params)
+          @Id = params['Id']
+          @PolicyId = params['PolicyId']
+          @PolicyType = params['PolicyType']
+          @PolicyName = params['PolicyName']
+          @ProtectLevel = params['ProtectLevel']
+          @HostId = params['HostId']
+          @HostName = params['HostName']
+          @HostIp = params['HostIp']
+          @WanIp = params['WanIp']
+          @AgentId = params['AgentId']
+          @Domain = params['Domain']
+          @Tags = params['Tags']
+          @AccessCount = params['AccessCount']
+          @ThreatDesc = params['ThreatDesc']
+          @SuggestSolution = params['SuggestSolution']
+          @ReferenceLink = params['ReferenceLink']
+          @HandleStatus = params['HandleStatus']
+          @Pid = params['Pid']
+          @ProcessName = params['ProcessName']
+          @ProcessMd5 = params['ProcessMd5']
+          @CmdLine = params['CmdLine']
+          @FirstTime = params['FirstTime']
+          @LastTime = params['LastTime']
+          @HostStatus = params['HostStatus']
+          unless params['MachineExtraInfo'].nil?
+            @MachineExtraInfo = MachineExtraInfo.new
+            @MachineExtraInfo.deserialize(params['MachineExtraInfo'])
+          end
+        end
+      end
       # 恶意请求列表
       class RiskDnsList < TencentCloud::Common::AbstractModel
         # @param Url: 对外访问域名

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tencentcloud-sdk-cwp
 version: !ruby/object:Gem::Version
-  version: 3.0.540
+  version: 3.0.542
 platform: ruby
 authors:
 - Tencent Cloud
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-03-29 00:00:00.000000000 Z
+date: 2023-04-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: tencentcloud-sdk-common