tccli 3.0.1325.1__py2.py3-none-any.whl → 3.0.1327.1__py2.py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (56) hide show
  1. tccli/__init__.py +1 -1
  2. tccli/services/ams/v20201229/api.json +9 -9
  3. tccli/services/cdb/v20170320/api.json +9 -9
  4. tccli/services/cdc/v20201214/api.json +5 -5
  5. tccli/services/cfs/v20190719/api.json +19 -19
  6. tccli/services/cfs/v20190719/examples.json +2 -2
  7. tccli/services/clb/clb_client.py +53 -0
  8. tccli/services/clb/v20180317/api.json +100 -0
  9. tccli/services/clb/v20180317/examples.json +8 -0
  10. tccli/services/cme/v20191029/api.json +16 -19
  11. tccli/services/cme/v20191029/examples.json +12 -12
  12. tccli/services/dlc/dlc_client.py +53 -0
  13. tccli/services/dlc/v20210125/api.json +51 -0
  14. tccli/services/dlc/v20210125/examples.json +8 -0
  15. tccli/services/domain/v20180808/api.json +1 -1
  16. tccli/services/emr/v20190103/api.json +29 -0
  17. tccli/services/es/es_client.py +4 -57
  18. tccli/services/es/v20250101/api.json +0 -207
  19. tccli/services/es/v20250101/examples.json +0 -8
  20. tccli/services/ess/v20201111/api.json +4 -4
  21. tccli/services/essbasic/v20210526/api.json +1 -1
  22. tccli/services/gs/gs_client.py +269 -4
  23. tccli/services/gs/v20191118/api.json +412 -7
  24. tccli/services/gs/v20191118/examples.json +42 -2
  25. tccli/services/hai/v20230812/api.json +5 -5
  26. tccli/services/lke/lke_client.py +0 -53
  27. tccli/services/lke/v20231130/api.json +0 -113
  28. tccli/services/lke/v20231130/examples.json +0 -8
  29. tccli/services/lkeap/v20240522/api.json +1 -1
  30. tccli/services/lowcode/v20210108/api.json +60 -0
  31. tccli/services/monitor/monitor_client.py +170 -11
  32. tccli/services/monitor/v20180724/api.json +205 -1
  33. tccli/services/monitor/v20180724/examples.json +24 -0
  34. tccli/services/mrs/v20200910/api.json +4 -4
  35. tccli/services/oceanus/v20190422/api.json +15 -5
  36. tccli/services/oceanus/v20190422/examples.json +8 -2
  37. tccli/services/postgres/postgres_client.py +0 -53
  38. tccli/services/postgres/v20170312/api.json +0 -235
  39. tccli/services/postgres/v20170312/examples.json +0 -8
  40. tccli/services/privatedns/privatedns_client.py +53 -0
  41. tccli/services/privatedns/v20201028/api.json +180 -1
  42. tccli/services/privatedns/v20201028/examples.json +8 -0
  43. tccli/services/pts/v20210728/api.json +18 -0
  44. tccli/services/redis/v20180412/api.json +1 -1
  45. tccli/services/tcss/v20201101/api.json +190 -32
  46. tccli/services/tcss/v20201101/examples.json +6 -6
  47. tccli/services/tms/v20201229/api.json +2 -2
  48. tccli/services/tms/v20201229/examples.json +1 -1
  49. tccli/services/vm/v20210922/api.json +13 -13
  50. tccli/services/vm/v20210922/examples.json +2 -2
  51. tccli/services/vpc/v20170312/api.json +2 -2
  52. {tccli-3.0.1325.1.dist-info → tccli-3.0.1327.1.dist-info}/METADATA +2 -2
  53. {tccli-3.0.1325.1.dist-info → tccli-3.0.1327.1.dist-info}/RECORD +56 -56
  54. {tccli-3.0.1325.1.dist-info → tccli-3.0.1327.1.dist-info}/WHEEL +0 -0
  55. {tccli-3.0.1325.1.dist-info → tccli-3.0.1327.1.dist-info}/entry_points.txt +0 -0
  56. {tccli-3.0.1325.1.dist-info → tccli-3.0.1327.1.dist-info}/license_files/LICENSE +0 -0
tccli/services/redis/v20180412/api.json CHANGED
@@ -2206,7 +2206,7 @@
2206
2206
  },
2207
2207
  {
2208
2208
  "disabled": false,
2209
- "document": "指定实例的产品版本。\n- local:本地盘版。\n- cloud:云盘版,\n- cdc:独享集群版。如果不传默认发货为本地盘版本。",
2209
+ "document": "指实例部署模式。\n- local:传统架构,默认为 local。\n- cdc:独享集群。\n- cloud:云原生,当前已暂停售卖。",
2210
2210
  "example": "cdc",
2211
2211
  "member": "string",
2212
2212
  "name": "ProductVersion",
tccli/services/tcss/v20201101/api.json CHANGED
@@ -6237,6 +6237,16 @@
6237
6237
  "output_required": false,
6238
6238
  "type": "string",
6239
6239
  "value_allowed_null": false
6240
+ },
6241
+ {
6242
+ "disabled": false,
6243
+ "document": "所有者名称",
6244
+ "example": "fx-qi",
6245
+ "member": "string",
6246
+ "name": "OwnerName",
6247
+ "output_required": false,
6248
+ "type": "string",
6249
+ "value_allowed_null": false
6240
6250
  }
6241
6251
  ],
6242
6252
  "usage": "out"
@@ -12108,6 +12118,24 @@
12108
12118
  "name": "Uuid",
12109
12119
  "required": true,
12110
12120
  "type": "string"
12121
+ },
12122
+ {
12123
+ "disabled": false,
12124
+ "document": "超级节点唯一id",
12125
+ "example": "[\"7c9e719e-6236-bbbb-aaaa-20c9b9a1f6b1\"]",
12126
+ "member": "string",
12127
+ "name": "NodeUniqueIds",
12128
+ "required": false,
12129
+ "type": "list"
12130
+ },
12131
+ {
12132
+ "disabled": false,
12133
+ "document": "uuid列表",
12134
+ "example": "[\"7c9e719e-6236-bbbb-aaaa-20c9b9a1f6b1\"]",
12135
+ "member": "string",
12136
+ "name": "UUIDs",
12137
+ "required": false,
12138
+ "type": "list"
12111
12139
  }
12112
12140
  ],
12113
12141
  "type": "object"
@@ -12400,7 +12428,7 @@
12400
12428
  {
12401
12429
  "disabled": false,
12402
12430
  "document": "事件基本信息",
12403
- "example": "{ \"ClientIP\": \"106.55.163.***\", \"ClusterID\": \"cls-13nfdn****\", \"ClusterName\": \"demo-dev\", \"ContainerId\": \"1***5fe59dbd61071f16d6165480d381********\", \"ContainerIsolateOperationSrc\": \"system\", \"ContainerName\": \"/adoring_ishizaka\", \"ContainerNetStatus\": \"NORMAL\", \"ContainerNetSubStatus\": \"NONE\", \"EventCount\": 2, \"EventId\": \"10302329\", \"EventName\": \"异常进程事件-告警\", \"EventType\": \"FILE_ABNORMAL_READ\", \"FoundTime\": \"2024-10-21 15:55:45\", \"HostID\": \"1414-18a1-4775-9e3f-cdfc898********\", \"HostIP\": \"172.16.0.34\", \"ImageId\": \"sha256:1413413431fd9255658c128086395d3********\", \"ImageName\": \"alpine:latest\", \"LatestFoundTime\": \"2024-10-21 20:57:12\", \"Namespace\": \"default\", \"NodeID\": \"d41d8cd98f00******\", \"NodeName\": \"d41d8cd98f00*****\", \"NodeSubNetCIDR\": \"fe80::8132:1b51:52******\", \"NodeSubNetID\": \"sub-fn4nf***\", \"NodeSubNetName\": \"dev\", \"NodeType\": \"NORMAL\", \"NodeUniqueID\": \"fe8dfjf2d2****\", \"PodIP\": \"1.1.1.1\", \"PodName\": \"pod-dev\", \"PodStatus\": \"RUNNING\", \"Status\": \"EVENT_DEALED\", \"WorkloadType\": \"StatefulSet\" }",
12431
+ "example": "",
12404
12432
  "member": "RunTimeEventBaseInfo",
12405
12433
  "name": "EventBaseInfo",
12406
12434
  "output_required": true,
@@ -12420,7 +12448,7 @@
12420
12448
  {
12421
12449
  "disabled": false,
12422
12450
  "document": "父进程信息",
12423
- "example": "{ \"ProcessId\": 330852, \"ProcessName\": \"containerd-shim\", \"ProcessParam\": \"containerd-shim -namespace moby -workdir /data/kubernetes/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/ /var/run/docker/runtime-runc\", \"ProcessPath\": \"/usr/bin/containerd-shim\", \"ProcessStartUser\": \"root\", \"ProcessUserGroup\": \"root\" }",
12451
+ "example": "",
12424
12452
  "member": "ProcessDetailBaseInfo",
12425
12453
  "name": "ParentProcessInfo",
12426
12454
  "output_required": true,
@@ -12430,7 +12458,7 @@
12430
12458
  {
12431
12459
  "disabled": false,
12432
12460
  "document": "事件描述",
12433
- "example": "{ \"Description\": \"检测到疑似反弹shell命令执行\", \"GroupName\": \"SYSTEM_DEFINED_RULE\", \"MatchRule\": { \"ProcessPath\": \"/usr/bin\", \"RuleId\": \"100000000000000000000004\", \"RuleLevel\": \"HIGH\", \"RuleMode\": \"RULE_MODE_ALERT\" }, \"OperationTime\": \"2024-10-23 17:38:12\", \"Remark\": \"for dev\", \"RuleId\": \"124\", \"RuleName\": \"REVERSE_SHELL\", \"Solution\": \"排查反弹shell行为及目标地址是否为业务正常需要\" }",
12461
+ "example": "",
12434
12462
  "member": "AbnormalProcessEventDescription",
12435
12463
  "name": "EventDetail",
12436
12464
  "output_required": true,
@@ -12800,7 +12828,7 @@
12800
12828
  {
12801
12829
  "disabled": false,
12802
12830
  "document": "事件基本信息",
12803
- "example": " \"EventBaseInfo\": { \"ClientIP\": \"175.178.**.**\", \"ClusterID\": \"cls-demo1\", \"ClusterName\": \"web-demo\", \"ContainerId\": \"75D3326A-9B9C-4275-895A-16FDA1*****\", \"ContainerIsolateOperationSrc\": \"\", \"ContainerName\": \"/k8s_xenon_mysql-tce-cwp-mysql-2_sso_c9fdfba4-e31a-46bc-a43a-****\", \"ContainerNetStatus\": \"NORMAL\", \"ContainerNetSubStatus\": \"NONE\", \"EventCount\": 130, \"EventId\": \"5124493\", \"EventName\": \"高危系统调用\", \"EventType\": \"RISK_SYSCALL_EVENT_TYPE\", \"FoundTime\": \"2024-10-23 00:05:17\", \"HostID\": \"11141114-66fd-4171-93eb-2f4fc36ef1e1\", \"HostIP\": \"10.0.0.105\", \"ImageId\": \"sha256:11141114e95dce36e8455cf657e1e54d74bb8fac6111411141114\", \"ImageName\": \"registry.tce.com/service-vendors/mysql-xenon:8.0.32-20240524-155426-11141114.rhel.amd64\", \"LatestFoundTime\": \"2024-10-23 17:02:47\", \"Namespace\": \"default\", \"NodeID\": \"pod-dj4xjf***\", \"NodeName\": \"tcs-10-0-0-105\", \"NodeSubNetCIDR\": \"fe80::8132:1b51:5********\", \"NodeSubNetID\": \"subnet-dfj4***\", \"NodeSubNetName\": \"default\", \"NodeType\": \"NORMAL\", \"NodeUniqueID\": \"node-4jfjfgdnvnd****\", \"PodIP\": \"10.0.0.11\", \"PodName\": \"demonset\", \"PodStatus\": \"running\", \"Status\": \"EVENT_UNDEAL\", \"WorkloadType\": \"StatefulSet\" }",
12831
+ "example": "",
12804
12832
  "member": "RunTimeEventBaseInfo",
12805
12833
  "name": "EventBaseInfo",
12806
12834
  "output_required": true,
@@ -12810,7 +12838,7 @@
12810
12838
  {
12811
12839
  "disabled": false,
12812
12840
  "document": "进程信息",
12813
- "example": "{ \"ProcessAuthority\": \"-rwxr-xr-x\", \"ProcessId\": 2907621, \"ProcessMd5\": \"8a5772dee965c8223aebc1225e*****\", \"ProcessName\": \"xenoncli\", \"ProcessParam\": \"xenoncli xenon ping\", \"ProcessPath\": \"/usr/local/bin/xenoncli\", \"ProcessStartUser\": \"root\", \"ProcessTree\": \"xenoncli(2907621)|containerd-shim(330852)|containerd(17863)|dockerd(17838)|systemd(1)\", \"ProcessUserGroup\": \"0\" }",
12841
+ "example": "",
12814
12842
  "member": "ProcessDetailInfo",
12815
12843
  "name": "ProcessInfo",
12816
12844
  "output_required": true,
@@ -12820,7 +12848,7 @@
12820
12848
  {
12821
12849
  "disabled": false,
12822
12850
  "document": "被篡改信息",
12823
- "example": "{ \"FileCreateTime\": \"2024-10-11 11:02:58\", \"FileDiff\": \"UNKNOW\", \"FileName\": \"pwnkit.so:.\", \"FilePath\": \"/home/yunjing_testing_x86/GCONV_PATH=./pwnkit.so:.\", \"FileSize\": 24, \"FileType\": \"UNKNOWN\", \"LatestTamperedFileMTime\": \"2024-10-11 11:02:58\", \"NewFile\": \"default.txt\" }",
12851
+ "example": "",
12824
12852
  "member": "FileAttributeInfo",
12825
12853
  "name": "TamperedFileInfo",
12826
12854
  "output_required": true,
@@ -12830,7 +12858,7 @@
12830
12858
  {
12831
12859
  "disabled": false,
12832
12860
  "document": "事件描述",
12833
- "example": "{ \"Description\": \"检测到系统命令被篡改\", \"MatchRule\": { \"ProcessPath\": \"/home/yunjing_testing_x86/events_trigger_x86\", \"RuleId\": \"200000000000000000000002\", \"RuleMode\": \"RULE_MODE_ALERT\", \"TargetFilePath\": \"/home/yunjing_testing_x86/GCONV_PATH=./pwnkit.so:.\" }, \"OperationTime\": \"1970-01-01 00:00:01\", \"Remark\": \"demoset\", \"RuleId\": \"222222222222222222222222\", \"RuleName\": \"系统策略\", \"Solution\": \"排查是否为正常业务需要的系统命令替换\" }",
12861
+ "example": "",
12834
12862
  "member": "AccessControlEventDescription",
12835
12863
  "name": "EventDetail",
12836
12864
  "output_required": true,
@@ -12840,7 +12868,7 @@
12840
12868
  {
12841
12869
  "disabled": false,
12842
12870
  "document": "父进程信息",
12843
- "example": "{ \"ProcessId\": 330852, \"ProcessName\": \"containerd-shim\", \"ProcessParam\": \"containerd-shim -namespace moby -workdir /data/kubernetes/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/ /var/run/docker/runtime-runc\", \"ProcessPath\": \"/usr/bin/containerd-shim\", \"ProcessStartUser\": \"root\", \"ProcessUserGroup\": \"root\" }",
12871
+ "example": "",
12844
12872
  "member": "ProcessBaseInfo",
12845
12873
  "name": "ParentProcessInfo",
12846
12874
  "output_required": true,
@@ -12850,7 +12878,7 @@
12850
12878
  {
12851
12879
  "disabled": false,
12852
12880
  "document": "祖先进程信息",
12853
- "example": "{ \"ProcessParam\": \"/usr/bin/containerd-shim-runc-v2 -namespace moby -address /run/containerd/containerd.sock\", \"ProcessPath\": \"/usr/bin/containerd-shim-runc-v2\", \"ProcessStartUser\": \"0\", \"ProcessUserGroup\": \"0\" }",
12881
+ "example": "",
12854
12882
  "member": "ProcessBaseInfo",
12855
12883
  "name": "AncestorProcessInfo",
12856
12884
  "output_required": true,
@@ -13025,13 +13053,33 @@
13025
13053
  {
13026
13054
  "disabled": false,
13027
13055
  "document": "访问控制事件数组",
13028
- "example": "[ { \"Behavior\": \"BEHAVIOR_ALERT\", \"ClusterID\": \"cls-fdj4****\", \"ClusterName\": \"demoset\", \"ContainerId\": \"a41351f3384159740167f25d83fcb206ffa154ab31d50c6594580ca6bac0b2cf\", \"ContainerIsolateOperationSrc\": \"system\", \"ContainerName\": \"container1\", \"ContainerNetStatus\": \"NORMAL\", \"ContainerNetSubStatus\": \"NONE\", \"ContainerStatus\": \"STOPPED\", \"Description\": \"检测到系统计划任务被修改\", \"EventCount\": 10012, \"EventType\": \"NORMAL\", \"FileName\": \"cron.update\", \"FilePath\": \"/etc/crontabs/cron.update\", \"FoundTime\": \"2020-10-29 18:11:10\", \"HostID\": \"f5a89f72-aaad-bbbc-cccc-eb3b3b74c2f0\", \"HostIP\": \"10.86.68.35\", \"Id\": \"4904016\", \"ImageId\": \"sha256:3926aaa0fe2ece5cbe51aaaf242b074c211beb8e046c9d4db4959c220be0171f\", \"ImageName\": \"iamge1\", \"LatestFoundTime\": \"2020-10-29 18:11:10\", \"MatchAction\": \"RULE_MODE_ALERT\", \"MatchFilePath\": \"/etc/crontabs/cron.update\", \"MatchProcessPath\": \"/bin/busybox\", \"MatchRuleId\": \"200000000000000000000001\", \"MatchRuleName\": \"系统策略\", \"NodeID\": \"8a5772dee965c8223aebc*****\", \"NodeName\": \"host1\", \"NodeType\": \"NORMAL\", \"NodeUniqueID\": \"d41d8cd98f00b204e9800998ecf8427e\", \"PodIP\": \"10.0.0.11\", \"PodName\": \"demoset\", \"ProcessName\": \"/bin/busybox\", \"PublicIP\": \"1.1.1.1\", \"RuleExist\": true, \"RuleId\": \"222222222222222222222222\", \"Solution\": \"排查是否为正常业务需要的计划任务修改\", \"Status\": \"EVENT_UNDEAL\" } ]",
13056
+ "example": "",
13029
13057
  "member": "AccessControlEventInfo",
13030
13058
  "name": "EventSet",
13031
13059
  "output_required": true,
13032
13060
  "type": "list",
13033
13061
  "value_allowed_null": false
13034
13062
  },
13063
+ {
13064
+ "disabled": false,
13065
+ "document": "支持的内核版本",
13066
+ "example": "4.15.0-142-|4.18.0-80|4.18.0-193.28.1*|5.4.0-77-*|5.4.119.19.009.56",
13067
+ "member": "string",
13068
+ "name": "SupportCoreVersion",
13069
+ "output_required": false,
13070
+ "type": "string",
13071
+ "value_allowed_null": false
13072
+ },
13073
+ {
13074
+ "disabled": false,
13075
+ "document": "拦截失败可能的原因",
13076
+ "example": "非读写操作暂未支持拦截,如新建/重命名等,touch/mv 等操作。",
13077
+ "member": "string",
13078
+ "name": "InterceptionFailureTip",
13079
+ "output_required": false,
13080
+ "type": "string",
13081
+ "value_allowed_null": false
13082
+ },
13035
13083
  {
13036
13084
  "document": "唯一请求 ID,由服务端生成,每次请求都会返回(若请求因其他原因未能抵达服务端,则该次请求不会获得 RequestId)。定位问题时需要提供该次请求的 RequestId。",
13037
13085
  "member": "string",
@@ -15841,7 +15889,7 @@
15841
15889
  "example": "[\"Instance****\"]",
15842
15890
  "member": "string",
15843
15891
  "name": "ExportField",
15844
- "required": true,
15892
+ "required": false,
15845
15893
  "type": "list"
15846
15894
  },
15847
15895
  {
@@ -15914,6 +15962,16 @@
15914
15962
  "type": "string",
15915
15963
  "value_allowed_null": false
15916
15964
  },
15965
+ {
15966
+ "disabled": false,
15967
+ "document": "导出任务id",
15968
+ "example": "1012",
15969
+ "member": "string",
15970
+ "name": "JobId",
15971
+ "output_required": true,
15972
+ "type": "string",
15973
+ "value_allowed_null": false
15974
+ },
15917
15975
  {
15918
15976
  "document": "唯一请求 ID,由服务端生成,每次请求都会返回(若请求因其他原因未能抵达服务端,则该次请求不会获得 RequestId)。定位问题时需要提供该次请求的 RequestId。",
15919
15977
  "member": "string",
@@ -16657,7 +16715,7 @@
16657
16715
  "example": "[Name]",
16658
16716
  "member": "string",
16659
16717
  "name": "ExportField",
16660
- "required": true,
16718
+ "required": false,
16661
16719
  "type": "list"
16662
16720
  },
16663
16721
  {
@@ -16714,13 +16772,23 @@
16714
16772
  {
16715
16773
  "disabled": false,
16716
16774
  "document": "excel文件下载地址",
16717
- "example": "https://cwp-1258344699.cos.ap-guangzhou.myqcloud.com/ImageVirusListExport-1256299843-241101101930.csv?q-sign-algorithm=sha1&q-ak=AKID******&q-sign-time=1730427570%3B1730434770&q-key-time=1730427570%3B1730434770&q-header-list=host&q-url-param-list=&q-signature=ca98fa9ee18dd70c8ff947683262f155452b5f66",
16775
+ "example": "https://cwp-12583446xx.xxx",
16718
16776
  "member": "string",
16719
16777
  "name": "DownloadUrl",
16720
16778
  "output_required": true,
16721
16779
  "type": "string",
16722
16780
  "value_allowed_null": false
16723
16781
  },
16782
+ {
16783
+ "disabled": false,
16784
+ "document": "导出任务id",
16785
+ "example": "1012",
16786
+ "member": "string",
16787
+ "name": "JobId",
16788
+ "output_required": true,
16789
+ "type": "string",
16790
+ "value_allowed_null": false
16791
+ },
16724
16792
  {
16725
16793
  "document": "唯一请求 ID,由服务端生成,每次请求都会返回(若请求因其他原因未能抵达服务端,则该次请求不会获得 RequestId)。定位问题时需要提供该次请求的 RequestId。",
16726
16794
  "member": "string",
@@ -16822,7 +16890,7 @@
16822
16890
  "example": "[\"CVEId\"]",
16823
16891
  "member": "string",
16824
16892
  "name": "ExportField",
16825
- "required": true,
16893
+ "required": false,
16826
16894
  "type": "list"
16827
16895
  },
16828
16896
  {
@@ -16879,13 +16947,23 @@
16879
16947
  {
16880
16948
  "disabled": false,
16881
16949
  "document": "excel文件下载地址",
16882
- "example": "https://cwp-1258344699.cos.ap-guangzhou.myqcloud.com/RegistryImageList-1256299843-241101101931.csv?q-sign-algorithm=sha1&q-ak=AKID******&q-sign-time=1730427571%3B1730434771&q-key-time=1730427571%3B1730434771&q-header-list=host&q-url-param-list=&q-signature=1ad96620c6cf3c64de52962c33032c3ef3300e5b",
16950
+ "example": "https://cwp-12583446xx.xxx",
16883
16951
  "member": "string",
16884
16952
  "name": "DownloadUrl",
16885
16953
  "output_required": true,
16886
16954
  "type": "string",
16887
16955
  "value_allowed_null": false
16888
16956
  },
16957
+ {
16958
+ "disabled": false,
16959
+ "document": "导出任务id",
16960
+ "example": "1012",
16961
+ "member": "string",
16962
+ "name": "JobId",
16963
+ "output_required": true,
16964
+ "type": "string",
16965
+ "value_allowed_null": false
16966
+ },
16889
16967
  {
16890
16968
  "document": "唯一请求 ID,由服务端生成,每次请求都会返回(若请求因其他原因未能抵达服务端,则该次请求不会获得 RequestId)。定位问题时需要提供该次请求的 RequestId。",
16891
16969
  "member": "string",
@@ -18389,6 +18467,26 @@
18389
18467
  "type": "int",
18390
18468
  "value_allowed_null": false
18391
18469
  },
18470
+ {
18471
+ "disabled": false,
18472
+ "document": "失败主机数",
18473
+ "example": "10",
18474
+ "member": "uint64",
18475
+ "name": "FailedHostCount",
18476
+ "output_required": true,
18477
+ "type": "int",
18478
+ "value_allowed_null": false
18479
+ },
18480
+ {
18481
+ "disabled": false,
18482
+ "document": "任务id",
18483
+ "example": "1002",
18484
+ "member": "uint64",
18485
+ "name": "TaskId",
18486
+ "output_required": true,
18487
+ "type": "int",
18488
+ "value_allowed_null": false
18489
+ },
18392
18490
  {
18393
18491
  "document": "唯一请求 ID,由服务端生成,每次请求都会返回(若请求因其他原因未能抵达服务端,则该次请求不会获得 RequestId)。定位问题时需要提供该次请求的 RequestId。",
18394
18492
  "member": "string",
@@ -18889,6 +18987,16 @@
18889
18987
  "type": "string",
18890
18988
  "value_allowed_null": false
18891
18989
  },
18990
+ {
18991
+ "disabled": false,
18992
+ "document": "所有者名称",
18993
+ "example": "tx-qi",
18994
+ "member": "string",
18995
+ "name": "OwnerName",
18996
+ "output_required": false,
18997
+ "type": "string",
18998
+ "value_allowed_null": false
18999
+ },
18892
19000
  {
18893
19001
  "document": "唯一请求 ID,由服务端生成,每次请求都会返回(若请求因其他原因未能抵达服务端,则该次请求不会获得 RequestId)。定位问题时需要提供该次请求的 RequestId。",
18894
19002
  "member": "string",
@@ -20330,7 +20438,7 @@
20330
20438
  {
20331
20439
  "disabled": false,
20332
20440
  "document": "事件基本信息",
20333
- "example": "{ \"ClientIP\": \"159.75.90.111\", \"ClusterID\": \"cls-sdfw3f3\", \"ClusterName\": \"web-cluster\", \"ContainerId\": \"a960d85856c7a77cb504b638c56f59a28057\", \"ContainerIsolateOperationSrc\": \"system\", \"ContainerName\": \"node1\", \"ContainerNetStatus\": \"NORMAL\", \"ContainerNetSubStatus\": \"NONE\", \"EventCount\": 1, \"EventId\": \"12486\", \"EventName\": \"敏感路径挂载\", \"EventType\": \"MOUNT_SENSITIVE_PTAH\", \"FoundTime\": \"2024-10-23 17:13:51\", \"HostID\": \"3b6b1bbc-1c7a-47e2-9ca8-e9c27ec9d068\", \"HostIP\": \"172.17.1.6\", \"ImageId\": \"sha256:b760a4831f5aab71c711f7537a107b751d0d0ce90dd32d8b358df3c5da385426\", \"ImageName\": \"centos:7.6\", \"LatestFoundTime\": \"2024-10-23 17:13:51\", \"Namespace\": \"default\", \"NodeID\": \"web-node1\", \"NodeName\": \"VM-1-6-tencentos\", \"NodeSubNetCIDR\": \"172.16.0.0/24\", \"NodeSubNetID\": \"sub-ndifn***\", \"NodeSubNetName\": \"dev\", \"NodeType\": \"NORMAL\", \"NodeUniqueID\": \"d41d8cd98f00b20*******\", \"PodIP\": \"10.0.0.121\", \"PodName\": \"kube-system/cilium-m2gkw\", \"PodStatus\": \"NORMAL\", \"Status\": \"EVENT_UNDEAL\", \"WorkloadType\": \"StatefulSet\" }",
20441
+ "example": "",
20334
20442
  "member": "RunTimeEventBaseInfo",
20335
20443
  "name": "EventBaseInfo",
20336
20444
  "output_required": true,
@@ -20340,7 +20448,7 @@
20340
20448
  {
20341
20449
  "disabled": false,
20342
20450
  "document": "进程信息",
20343
- "example": "{ \"ProcessAuthority\": \"-rwxr-xr-x\", \"ProcessId\": 2743103, \"ProcessMd5\": \"81a7701a194c3a1179cfe4a7ac836626\", \"ProcessName\": \"runc\", \"ProcessParam\": \"cilium-agent --config-dir=/tmp/cilium/config-map\", \"ProcessPath\": \"/opt/containerd/bin/runc\", \"ProcessStartUser\": \"root\", \"ProcessTree\": \"runc(2743103)|containerd-shim-runc-v2(289436)|systemd(1)\", \"ProcessUserGroup\": \"root\" }",
20451
+ "example": "",
20344
20452
  "member": "ProcessDetailInfo",
20345
20453
  "name": "ProcessInfo",
20346
20454
  "output_required": true,
@@ -20350,7 +20458,7 @@
20350
20458
  {
20351
20459
  "disabled": false,
20352
20460
  "document": "事件描述",
20353
- "example": "{ \"Description\": \"容器(ID:5893711bb2...)挂载了敏感目录/lib/modules,/proc/sys/net,/proc/sys/kernel,存在容器逃逸的风险,当攻击者攻破容器后,可通过篡改该目录下的敏感文件,从而实现容器逃逸,获得宿主机系统的控制权限,威胁宿主机上其它容器及内网的安全。\", \"OperationTime\": \"1970-01-01 00:00:01\", \"Remark\": \"dev\", \"Solution\": \"修改挂载路径,只将必须的路径挂载到容器中,避免挂载敏感路径。\" }",
20461
+ "example": "",
20354
20462
  "member": "EscapeEventDescription",
20355
20463
  "name": "EventDetail",
20356
20464
  "output_required": true,
@@ -20360,7 +20468,7 @@
20360
20468
  {
20361
20469
  "disabled": false,
20362
20470
  "document": "父进程信息",
20363
- "example": "{ \"ProcessParam\": \"/usr/local/bin/containerd-shim-runc-v2 -namespace k8s.io -id 613d6792485871ca66ab6dc4d1c24e827e1ff4ae6aff87b187e40059cd3ba3b9 -address /run/containerd/containerd.sock \", \"ProcessPath\": \"containerd-shim-runc-v2\", \"ProcessStartUser\": \"root\", \"ProcessUserGroup\": \"root\" }",
20471
+ "example": "",
20364
20472
  "member": "ProcessBaseInfo",
20365
20473
  "name": "ParentProcessInfo",
20366
20474
  "output_required": true,
@@ -20370,7 +20478,7 @@
20370
20478
  {
20371
20479
  "disabled": false,
20372
20480
  "document": "祖先进程信息",
20373
- "example": " \"AncestorProcessInfo\": { \"ProcessParam\": \"/usr/lib/systemd/systemd --switched-root --system --deserialize 18 \", \"ProcessPath\": \"systemd\", \"ProcessStartUser\": \"root\", \"ProcessUserGroup\": \"root\" }",
20481
+ "example": "",
20374
20482
  "member": "ProcessBaseInfo",
20375
20483
  "name": "AncestorProcessInfo",
20376
20484
  "output_required": true,
@@ -24070,7 +24178,7 @@
24070
24178
  {
24071
24179
  "disabled": false,
24072
24180
  "document": "事件基本信息",
24073
- "example": "{\"ClientIP\":\"43.138.**.**\",\"ClusterID\":\"12\",\"ClusterName\":\"name1\",\"ContainerId\":\"dc56fda9-58c8-4c4f-9e8c-b7296836c1fe\",\"ContainerIsolateOperationSrc\":\"ContainerIsolateOperationSrc\",\"ContainerName\":\"/fervent_goodall\",\"ContainerNetStatus\":\"NORMAL\",\"ContainerNetSubStatus\":\"NONE\",\"EventCount\":1,\"EventId\":\"464567\",\"EventName\":\"反弹shell\",\"EventType\":\"REVERSE_SHELL_EVENT_TYPE\",\"FoundTime\":\"2024-10-09 10:17:07\",\"HostID\":\"45641324-6360-4fd4-bfc7-843162cb8116\",\"HostIP\":\"10.0.1.233\",\"ImageId\":\"sha256:345234541324b561b4c16bcb82328cfe5809ab675bb17ab3a16c517c9\",\"ImageName\":\"centos:7\",\"LatestFoundTime\":\"2024-10-09 10:17:07\",\"Namespace\":\"Namespace\",\"NodeID\":\"NodeID\",\"NodeName\":\"k8s-node1\",\"NodeSubNetCIDR\":\"NodeSubNetCIDR\",\"NodeSubNetID\":\"NodeSubNetID\",\"NodeSubNetName\":\"NodeSubNetName\",\"NodeType\":\"NORMAL\",\"NodeUniqueID\":\"NodeUniqueID\",\"PodIP\":\"10.0.0.1\",\"PodName\":\"PodName\",\"PodStatus\":\"2\",\"Status\":\"EVENT_UNDEAL\",\"WorkloadType\":\"3\"}",
24181
+ "example": "",
24074
24182
  "member": "RunTimeEventBaseInfo",
24075
24183
  "name": "EventBaseInfo",
24076
24184
  "output_required": true,
@@ -24080,7 +24188,7 @@
24080
24188
  {
24081
24189
  "disabled": false,
24082
24190
  "document": "进程信息",
24083
- "example": "{\"ProcessAuthority\":\"-rwxr-xr-x\",\"ProcessId\":737357,\"ProcessMd5\":\"81a7701a194c3a1179cfe4a7ac836626\",\"ProcessName\":\"bash\",\"ProcessParam\":\"bash -i\",\"ProcessPath\":\"/usr/bin/bash\",\"ProcessStartUser\":\"ProcessStartUser\",\"ProcessTree\":\"bash(737357)|bash(737356)|bash(733933)|containerd-shim-runc-v2(2178890)|systemd(1)\",\"ProcessUserGroup\":\"root\"}",
24191
+ "example": "",
24084
24192
  "member": "ProcessDetailInfo",
24085
24193
  "name": "ProcessInfo",
24086
24194
  "output_required": true,
@@ -24090,7 +24198,7 @@
24090
24198
  {
24091
24199
  "disabled": false,
24092
24200
  "document": "父进程信息",
24093
- "example": "{\"ProcessId\":737356,\"ProcessName\":\"bash\",\"ProcessParam\":\"sh -c bash \",\"ProcessPath\":\"/usr/bin/bash\",\"ProcessStartUser\":\"ProcessStartUser\",\"ProcessUserGroup\":\"ProcessUserGroup\"}",
24201
+ "example": "",
24094
24202
  "member": "ProcessDetailBaseInfo",
24095
24203
  "name": "ParentProcessInfo",
24096
24204
  "output_required": true,
@@ -24100,7 +24208,7 @@
24100
24208
  {
24101
24209
  "disabled": false,
24102
24210
  "document": "事件描述",
24103
- "example": "{\"Description\":\"/fervent_goodall容器(ID:b18a9a3726...)内存在疑似反弹shell行为\",\"DstAddress\":\"175.178.**.**:3387\",\"OperationTime\":\"1970-01-01 00:00:01\",\"Remark\":\"Remark\",\"Solution\":\"清理容器内反弹shell进程,检查容器内服务是否存在漏洞、弱密码等风险\"}",
24211
+ "example": "",
24104
24212
  "member": "ReverseShellEventDescription",
24105
24213
  "name": "EventDetail",
24106
24214
  "output_required": true,
@@ -24110,7 +24218,7 @@
24110
24218
  {
24111
24219
  "disabled": false,
24112
24220
  "document": "祖先进程信息",
24113
- "example": "{\"ProcessParam\":\"bash\",\"ProcessPath\":\"/usr/bin/bash\",\"ProcessStartUser\":\"root\",\"ProcessUserGroup\":\"root\"}",
24221
+ "example": "",
24114
24222
  "member": "ProcessBaseInfo",
24115
24223
  "name": "AncestorProcessInfo",
24116
24224
  "output_required": true,
@@ -25065,7 +25173,7 @@
25065
25173
  {
25066
25174
  "disabled": false,
25067
25175
  "document": "恶意请求事件列表",
25068
- "example": "[{\"Address\": \"r4v4icyaaltpqelvmj2w45dvgeytcmbnpa4dmljwgq.h.nessus****\", \"City\": \"\", \"ClusterID\": \"cls-55jm****\", \"ClusterName\": \"k8s-tool\", \"ContainerID\": \"23800b52164fef1266ab259abf2476e7f498c01f98adeb1b4cb53f224000****\", \"ContainerIsolateOperationSrc\": \"\", \"ContainerName\": \"/nessus\", \"ContainerNetStatus\": \"NORMAL\", \"ContainerNetSubStatus\": \"NONE\", \"ContainerStatus\": \"DESTR****\", \"Description\": \"\", \"EventCount\": 3, \"EventID\": 1774008, \"EventStatus\": \"EVENT_UN****\", \"EventType\": \"DOMAIN\", \"FoundTime\": \"2024-02-02 10:4****\", \"HostID\": \"1e7c4560-8b24-4990-838b-8023d621****\", \"HostIP\": \"10.0.1****\", \"HostName\": \"VM-7-17-ce****\", \"ImageID\": \"sha256:b2362acbac0b6df9775a039560482a7a744fe54403aa45a9669b3163f68e****\", \"ImageName\": \"ramisec/nessus:la****\", \"LatestFoundTime\": \"2024-02-02 16:5****\", \"NodeID\": \"ins-2zwg****\", \"NodeName\": \"VM-7-17-ce****\", \"NodeType\": \"NORMAL\", \"NodeUniqueID\": \"ddcc216281ee8c098076deaa9717****\", \"PodIP\": \"10.0.1****\", \"PodName\": \"/\", \"PublicIP\": \"10.0.1****\", \"Solution\": \"\"}]",
25176
+ "example": "",
25069
25177
  "member": "RiskDnsEventInfo",
25070
25178
  "name": "List",
25071
25179
  "output_required": true,
@@ -25204,7 +25312,7 @@
25204
25312
  {
25205
25313
  "disabled": false,
25206
25314
  "document": "事件基本信息",
25207
- "example": "{ \"ClientIP\": \"175.178.113.111\", \"ClusterID\": \"cls-demo1\", \"ClusterName\": \"web-demo\", \"ContainerId\": \"75D3326A-9B9C-4275-895A-16FDA1*****\", \"ContainerIsolateOperationSrc\": \"ContainerIsolateOperationSrc\", \"ContainerName\": \"/k8s_xenon_mysql-tce-cwp-mysql-2_sso_c9fdfba4-e31a-46bc-a43a-****\", \"ContainerNetStatus\": \"NORMAL\", \"ContainerNetSubStatus\": \"NONE\", \"EventCount\": 130, \"EventId\": \"5124493\", \"EventName\": \"高危系统调用\", \"EventType\": \"RISK_SYSCALL_EVENT_TYPE\", \"FoundTime\": \"2024-10-23 00:05:17\", \"HostID\": \"11141114-66fd-4171-93eb-2f4fc36ef1e1\", \"HostIP\": \"10.0.0.105\", \"ImageId\": \"sha256:11141114e95dce36e8455cf657e1e54d74bb8fac6111411141114\", \"ImageName\": \"registry.tce.com/service-vendors/mysql-xenon:8.0.32-20240524-155426-11141114.rhel.amd64\", \"LatestFoundTime\": \"2024-10-23 17:02:47\", \"Namespace\": \"default\", \"NodeID\": \"pod-dj4xjf***\", \"NodeName\": \"tcs-10-0-0-105\", \"NodeSubNetCIDR\": \"fe80::8132:1b51:5********\", \"NodeSubNetID\": \"subnet-dfj4***\", \"NodeSubNetName\": \"default\", \"NodeType\": \"NORMAL\", \"NodeUniqueID\": \"node-4jfjfgdnvnd****\", \"PodIP\": \"10.0.0.11\", \"PodName\": \"demonset\", \"PodStatus\": \"running\", \"Status\": \"EVENT_UNDEAL\", \"WorkloadType\": \"StatefulSet\" }",
25315
+ "example": "",
25208
25316
  "member": "RunTimeEventBaseInfo",
25209
25317
  "name": "EventBaseInfo",
25210
25318
  "output_required": true,
@@ -25214,7 +25322,7 @@
25214
25322
  {
25215
25323
  "disabled": false,
25216
25324
  "document": "进程信息",
25217
- "example": "{ \"ProcessAuthority\": \"-rwxr-xr-x\", \"ProcessId\": 2907621, \"ProcessMd5\": \"8a5772dee965c8223aebc1225e*****\", \"ProcessName\": \"xenoncli\", \"ProcessParam\": \"xenoncli xenon ping\", \"ProcessPath\": \"/usr/local/bin/xenoncli\", \"ProcessStartUser\": \"root\", \"ProcessTree\": \"xenoncli(2907621)|containerd-shim(330852)|containerd(17863)|dockerd(17838)|systemd(1)\", \"ProcessUserGroup\": \"0\" },",
25325
+ "example": "",
25218
25326
  "member": "ProcessDetailInfo",
25219
25327
  "name": "ProcessInfo",
25220
25328
  "output_required": true,
@@ -25224,7 +25332,7 @@
25224
25332
  {
25225
25333
  "disabled": false,
25226
25334
  "document": "父进程信息",
25227
- "example": "{ \"ProcessId\": 330852, \"ProcessName\": \"containerd-shim\", \"ProcessParam\": \"containerd-shim -namespace moby -workdir /data/kubernetes/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/ /var/run/docker/runtime-runc\", \"ProcessPath\": \"/usr/bin/containerd-shim\", \"ProcessStartUser\": \"root\", \"ProcessUserGroup\": \"root\" }",
25335
+ "example": "",
25228
25336
  "member": "ProcessDetailBaseInfo",
25229
25337
  "name": "ParentProcessInfo",
25230
25338
  "output_required": true,
@@ -25234,7 +25342,7 @@
25234
25342
  {
25235
25343
  "disabled": false,
25236
25344
  "document": "事件描述",
25237
- "example": "{ \"Description\": \"sergid会导致运行进程的账号权限变更,可能带来安全风险\", \"OperationTime\": \"1970-01-01 00:00:01\", \"Remark\": \"user config\", \"Solution\": \"使用存在潜在风险的系统调用,可能导致容器逃逸。建议对于不常用的系统调用,禁止容器使用,并及时更新宿主机的系统漏洞\", \"SyscallName\": \"chroot\" }",
25345
+ "example": "",
25238
25346
  "member": "RiskSyscallEventDescription",
25239
25347
  "name": "EventDetail",
25240
25348
  "output_required": true,
@@ -25244,7 +25352,7 @@
25244
25352
  {
25245
25353
  "disabled": false,
25246
25354
  "document": "祖先进程信息",
25247
- "example": "{ \"ProcessParam\": \"containerd --config /var/run/docker/containerd/containerd.toml --log-level warn\", \"ProcessPath\": \"/usr/bin/containerd\", \"ProcessStartUser\": \"0\", \"ProcessUserGroup\": \"0\" }",
25355
+ "example": "",
25248
25356
  "member": "ProcessBaseInfo",
25249
25357
  "name": "AncestorProcessInfo",
25250
25358
  "output_required": true,
@@ -28194,6 +28302,16 @@
28194
28302
  "type": "string",
28195
28303
  "value_allowed_null": false
28196
28304
  },
28305
+ {
28306
+ "disabled": false,
28307
+ "document": "容器状态",
28308
+ "example": "RUNNING",
28309
+ "member": "string",
28310
+ "name": "ContainerStatus",
28311
+ "output_required": true,
28312
+ "type": "string",
28313
+ "value_allowed_null": false
28314
+ },
28197
28315
  {
28198
28316
  "document": "唯一请求 ID,由服务端生成,每次请求都会返回(若请求因其他原因未能抵达服务端,则该次请求不会获得 RequestId)。定位问题时需要提供该次请求的 RequestId。",
28199
28317
  "member": "string",
@@ -39618,6 +39736,26 @@
39618
39736
  "output_required": true,
39619
39737
  "type": "string",
39620
39738
  "value_allowed_null": false
39739
+ },
39740
+ {
39741
+ "disabled": false,
39742
+ "document": "镜像ID",
39743
+ "example": "sha256:b2362acbac0b6df9775a039560482a7a744fe54403aa45a9669b3163f68e****",
39744
+ "member": "string",
39745
+ "name": "ImageId",
39746
+ "output_required": false,
39747
+ "type": "string",
39748
+ "value_allowed_null": false
39749
+ },
39750
+ {
39751
+ "disabled": false,
39752
+ "document": "容器ID",
39753
+ "example": "23800b52164fef1266ab259abf2476e7f498c01f98adeb1b4cb53f224000****",
39754
+ "member": "string",
39755
+ "name": "ContainerId",
39756
+ "output_required": false,
39757
+ "type": "string",
39758
+ "value_allowed_null": false
39621
39759
  }
39622
39760
  ],
39623
39761
  "usage": "out"
@@ -40518,6 +40656,16 @@
40518
40656
  "output_required": true,
40519
40657
  "type": "string",
40520
40658
  "value_allowed_null": false
40659
+ },
40660
+ {
40661
+ "disabled": false,
40662
+ "document": "容器运行状态",
40663
+ "example": "EVENT_UNDEAL",
40664
+ "member": "string",
40665
+ "name": "ContainerStatus",
40666
+ "output_required": false,
40667
+ "type": "string",
40668
+ "value_allowed_null": false
40521
40669
  }
40522
40670
  ],
40523
40671
  "usage": "out"
@@ -43345,7 +43493,7 @@
43345
43493
  {
43346
43494
  "disabled": false,
43347
43495
  "document": "建议方案",
43348
- "example": "1.检查恶意进程及非法端口,删除可疑的启动项和定时任务;\n2.隔离或者删除相关的木马文件;\n3.对系统进行风险排查,并进行安全加固,详情可参考如下链接: \n【Linux】https://cloud.tencent.com/document/product/296/9604 \n【Windows】https://cloud.tencent.com/document/product/296/****",
43496
+ "example": "1.检查恶意进程及非法端口",
43349
43497
  "member": "string",
43350
43498
  "name": "SuggestScheme",
43351
43499
  "output_required": true,
@@ -43531,6 +43679,16 @@
43531
43679
  "output_required": true,
43532
43680
  "type": "string",
43533
43681
  "value_allowed_null": false
43682
+ },
43683
+ {
43684
+ "disabled": false,
43685
+ "document": "节点内网IP,同innerIP",
43686
+ "example": "10.72.20****",
43687
+ "member": "string",
43688
+ "name": "HostIP",
43689
+ "output_required": true,
43690
+ "type": "string",
43691
+ "value_allowed_null": false
43534
43692
  }
43535
43693
  ],
43536
43694
  "usage": "out"