{"base_path":"/","components":null,"consumes":"","definitions":{"ChangeIncidentRequestBody":{"description":"更新事件请求body体","example":{"batch_ids":["909494e3-558e-46b6-a9eb-07a8e18ca62f"],"data_object":{"actor":"刘一博","arrive_time":"2021-01-30T23:00:00Z+0800","chop_phase":"Prepartion|Detection and Analysis|Containm,Eradication& Recovery| Post-Incident-Activity","close_comment":"误检;已解决;重复;其他","close_reason":"误检;已解决;重复;其他","close_time":"2021-01-30T23:00:00Z+0800","confidence":4,"count":4,"create_time":"2021-01-30T23:00:00Z+0800","criticality":4,"cteator":"MyXXX","datasource":{"domain_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","project_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","region_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","source_type":3},"description":"This my XXXX","environment":{"domain_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","project_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","region_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","vendor_type":"MyXXX"},"file_info":[{"file_attr":"MyXXX","file_content":"MyXXX","file_hash":"MyXXX","file_md5":"MyXXX","file_new_path":"MyXXX","file_path":"MyXXX","file_sha256":"MyXXX"}],"first_observed_time":"2021-01-30T23:00:00Z+0800","handle_status":"Open – 打开,Block – 阻塞,Closed – 关闭。默认填写Open","id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","incident_type":{},"ipdrr_phase":"Prepartion|Detection and Analysis|Containm,Eradication& Recovery| Post-Incident-Activity","last_observed_time":"2021-01-30T23:00:00Z+0800","malware":{"malware_class":"恶意占用内存","malware_family":"family"},"network_list":[{"dest_domain":"xxx","dest_geo":{"latitude":90,"longitude":180},"dest_ip":"192.168.0.1","dest_port":"1","direction":{"IN":null},"protocol":"TCP","src_domain":"xxx","src_geo":{"latitude":90,"longitude":180},"src_ip":"192.168.0.1","src_port":"1"}],"owner":"MyXXX","ppdr_phase":"Prepartion|Detection and Analysis|Containm,Eradication& Recovery| Post-Incident-Activity","process":[{"process_cmdline":"MyXXX","process_name":"MyXXX","process_path":"MyXXX","process_pid":"909494e3-558e-46b6-a9eb-07a8e18ca62f","process_uid":"909494e3-558e-46b6-a9eb-07a8e18ca62f"}],"remediation":{"recommendation":"MyXXX","url":"MyXXX"},"resource_list":[{"domain_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","ep_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","ep_name":"MyXXX","id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","name":"MyXXX","project_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","region_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","tags":"909494e3-558e-46b6-a9eb-07a8e18ca62f","type":"MyXXX"}],"serverity":"TIPS","simulation":"false","sla":60000,"source_url":"http://xxx","system_incident_table":{},"system_info":{},"title":"MyXXX","update_time":"2021-01-30T23:00:00Z+0800","user_info":[{"user_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","user_name":"MyXXX"}],"verification_state":"Unknown – 未知,True_Positive – 确认,False_Positive – 误报。默认填写Unknown","version":"1.0","workspace_id":"909494e3-558e-46b6-a9eb-07a8e18ca620"}},"properties":{"batch_ids":{"description":"更新事件的ID列表","items":{"description":"id","example":"909494e3-558e-46b6-a9eb-07a8e18ca621","maxLength":100,"minLength":0,"type":"string"},"maxItems":999,"minItems":0,"type":"array"},"data_object":{"$ref":"#/definitions/Incident"}}},"ChangeIncidentResponseBody":{"description":"更新事件结果返回body体","example":{"code":"909494e3-558e-46b6-a9eb-07a8e18ca62f","data":{"create_time":"2021-01-30T23:00:00Z+0800","data_object":{"actor":"刘一博","arrive_time":"2021-01-30T23:00:00Z+0800","chop_phase":"Prepartion|Detection and Analysis|Containm,Eradication& Recovery| Post-Incident-Activity","close_comment":"误检;已解决;重复;其他","close_reason":"误检;已解决;重复;其他","close_time":"2021-01-30T23:00:00Z+0800","confidence":4,"count":4,"create_time":"2021-01-30T23:00:00Z+0800","criticality":4,"cteator":"MyXXX","datasource":{"domain_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","project_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","region_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","source_type":3},"description":"This my XXXX","environment":{"domain_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","project_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","region_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","vendor_type":"MyXXX"},"file_info":[{"file_attr":"MyXXX","file_content":"MyXXX","file_hash":"MyXXX","file_md5":"MyXXX","file_new_path":"MyXXX","file_path":"MyXXX","file_sha256":"MyXXX"}],"first_observed_time":"2021-01-30T23:00:00Z+0800","handle_status":"Open – 打开,Block – 阻塞,Closed – 关闭。默认填写Open","id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","incident_type":{},"ipdrr_phase":"Prepartion|Detection and Analysis|Containm,Eradication& Recovery| Post-Incident-Activity","last_observed_time":"2021-01-30T23:00:00Z+0800","malware":{"malware_class":"恶意占用内存","malware_family":"family"},"network_list":[{"dest_domain":"xxx","dest_geo":{"latitude":90,"longitude":180},"dest_ip":"192.168.0.1","dest_port":"1","direction":{"IN":null},"protocol":"TCP","src_domain":"xxx","src_geo":{"latitude":90,"longitude":180},"src_ip":"192.168.0.1","src_port":"1"}],"owner":"MyXXX","ppdr_phase":"Prepartion|Detection and Analysis|Containm,Eradication& Recovery| Post-Incident-Activity","process":[{"process_cmdline":"MyXXX","process_name":"MyXXX","process_path":"MyXXX","process_pid":"909494e3-558e-46b6-a9eb-07a8e18ca62f","process_uid":"909494e3-558e-46b6-a9eb-07a8e18ca62f"}],"remediation":{"recommendation":"MyXXX","url":"MyXXX"},"resource_list":[{"domain_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","ep_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","ep_name":"MyXXX","id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","name":"MyXXX","project_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","region_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","tags":"909494e3-558e-46b6-a9eb-07a8e18ca62f","type":"MyXXX"}],"serverity":"TIPS","simulation":"false","sla":60000,"source_url":"http://xxx","system_incident_table":{},"system_info":{},"title":"MyXXX","update_time":"2021-01-30T23:00:00Z+0800","user_info":[{"user_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","user_name":"MyXXX"}],"verification_state":"Unknown – 未知,True_Positive – 确认,False_Positive – 误报。默认填写Unknown","version":"1.0","workspace_id":"909494e3-558e-46b6-a9eb-07a8e18ca620"},"dataclass":{"id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","name":"MyXXX"},"dataclass_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","layout_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","name":"MyXXX","project_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","type":"MyXXX","update_time":"2021-01-30T23:00:00Z+0800","workspace_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f"},"message":"Error message"},"properties":{"code":{"description":"错误码","example":"CSB.20040001","maxLength":64,"minLength":0,"type":"string"},"data":{"$ref":"#/definitions/IncidentDetail"},"message":{"description":"错误信息","example":"Parameter error.","maxLength":1024,"minLength":0,"type":"string"}}},"ErrorRsp":{"description":"请求失败错误响应体","properties":{"code":{"description":"错误码","example":"SecMaster.20040001","maxLength":64,"minLength":0,"type":"string"},"message":{"description":"错误描述","example":"Parameter error.","maxLength":1024,"minLength":0,"type":"string"}}},"Incident":{"description":"事件实体信息","properties":{"actor":{"description":"事件调查员","example":"张三","maxLength":64,"minLength":0,"type":"string"},"arrive_time":{"description":"接收时间,格式ISO8601:YYYY-MM-DDTHH:mm:ss.ms+timezone。时区信息为事件发生时区,无法解析时区的时间,默认时区填东八区","example":"2022-11-12T14:14:09.098+08:00","maxLength":30,"minLength":0,"type":"string"},"close_comment":{"description":"关闭评论","example":"误检","maxLength":1024,"minLength":0,"type":"string"},"close_reason":{"description":"关闭原因:\n误检 - False detection\n已解决 - Resolved\n重复 - Repeated\n其他 - Other","enum":["False detection","Resolved","Repeated","Other"],"example":"False detection","maxLength":64,"minLength":0,"type":"string"},"close_time":{"description":"关闭时间,格式ISO8601:YYYY-MM-DDTHH:mm:ss.ms+timezone。时区信息为事件发生时区,无法解析时区的时间,默认时区填东八区","example":"2022-11-12T14:14:09.098+08:00","maxLength":30,"minLength":0,"type":"string"},"confidence":{"description":"事件的置信度。置信度的定义旨在说明识别的行为或问题的可能性。\n取值范围:0-100,0表示置信度为0%,100表示置信度为100%","example":0,"maximum":100,"minimum":0,"type":"integer"},"count":{"description":"事件发生次数","example":0,"maximum":999,"minimum":0,"type":"integer"},"create_time":{"description":"记录时间,格式ISO8601:YYYY-MM-DDTHH:mm:ss.ms+timezone。时区信息为事件发生时区,无法解析时区的时间,默认时区填东八区","example":"2023-02-25T12:00:29.623Z+0800","maxLength":30,"minLength":0,"type":"string"},"creator":{"description":"创建人","example":"张三","maxLength":64,"minLength":0,"type":"string"},"criticality":{"description":"关键性,是指事件涉及的资源的重要性级别。\n取值范围:0-100,0表示资源不关键,100表示最关键资源","example":4,"maximum":100,"minimum":0,"type":"integer"},"data_source":{"description":"首次上报数据源","properties":{"company_name":{"description":"数据源产品所属公司的名称","example":"Huawei","maxLength":16,"minLength":0,"type":"string"},"domain_id":{"description":"数据源产品所属账号的id","example":"909494e3-558e-46b6-a9eb-07a8e18ca623","maxLength":36,"minLength":0,"type":"string"},"product_feature":{"description":"产品功能特性名称,用来指明检测到当前事件的产品的功能特性","example":"HIDS","maxLength":24,"minLength":0,"type":"string"},"product_module":{"description":"检测模块列表","example":"hids_module","maxLength":1024,"minLength":0,"type":"string"},"product_name":{"description":"数据源产品的名称","example":"hss","maxLength":24,"minLength":0,"type":"string"},"project_id":{"description":"数据源产品所属项目的id","example":"909494e3-558e-46b6-a9eb-07a8e18ca626","maxLength":64,"minLength":0,"type":"string"},"region_id":{"description":"数据源产品所在区域,具体取值范围查看华为云地区和终端节点定义,例如cn-north-1","example":"cn-north-1","maxLength":64,"minLength":0,"type":"string"},"source_type":{"description":"数据源类型,取值范围如下:\n1 - 华为产品\n2 - 第三方产品\n3 - 租户私有产品","enum":[1,2,3],"example":3,"maximum":3,"minimum":1,"type":"integer"}},"type":"object"},"description":{"description":"事件描述信息","example":"description","maxLength":1024,"minLength":0,"type":"string"},"domain_id":{"description":"数据投递后,被委托用户的domain_id","example":"909494e3-558e-46b6-a9eb-07a8e18ca622","maxLength":36,"minLength":0,"type":"string"},"environment":{"description":"事件产生的环境坐标信息","properties":{"cross_workspace_id":{"description":"数据投递前的源工作空间id,在源空间下值为null,投递后为被委托用户的id","example":"909494e3-558e-46b6-a9eb-07a8e18ca625","maxLength":64,"minLength":0,"type":"string"},"domain_id":{"description":"租户id","example":"909494e3-558e-46b6-a9eb-07a8e18ca623","maxLength":64,"minLength":0,"type":"string"},"project_id":{"description":"项目id, 全局服务默认null","example":"909494e3-558e-46b6-a9eb-07a8e18ca626","maxLength":64,"minLength":0,"type":"string"},"region_id":{"description":"区域id,全局服务global","example":"cn-north-7","maxLength":64,"minLength":0,"type":"string"},"vendor_type":{"description":"环境供应商:HWCP/HWC/AWS/Azure/GCP","example":"HWC","maxLength":64,"minLength":0,"type":"string"}},"type":"object"},"file_info":{"description":"文件信息","items":{"properties":{"file_attr":{"description":"文件属性","example":"size:1024","maxLength":1024,"minLength":0,"type":"string"},"file_content":{"description":"文件内容","example":"This is a file","maxLength":1024,"minLength":0,"type":"string"},"file_hash":{"description":"文件hash","example":4673448876608239062,"maxLength":128,"minLength":0,"type":"string"},"file_md5":{"description":"文件md5","example":"bfa89e563d9509fbc5c6503dd50faf2e","maxLength":128,"minLength":0,"type":"string"},"file_new_path":{"description":"文件新路径/名称","example":"/opt/cloud","maxLength":64,"minLength":32,"type":"string"},"file_path":{"description":"文件路径/名称","example":"/opt/cloud","maxLength":128,"minLength":0,"type":"string"},"file_sha256":{"description":"文件sha256","example":"e758834980d502fbdec9166b9a76aa657728546c838f59f51ae66b1ed32fb16b","maxLength":128,"minLength":0,"type":"string"}}},"maxItems":999,"minItems":0,"type":"array"},"first_observed_time":{"description":"首次发现时间,格式ISO8601:YYYY-MM-DDTHH:mm:ss.ms+timezone。时区信息为事件发生时区,无法解析时区的时间,默认时区填东八区","example":"2022-11-12T14:14:09.098+08:00","maxLength":30,"minLength":0,"type":"string"},"handle_status":{"description":"事件处理状态,可选类型如下:\nOpen – 打开,默认\nBlock – 阻塞\nClosed – 关闭\n默认填写Open","enum":["Open","Block","Closed"],"example":"Open","maxLength":5,"minLength":4,"type":"string"},"id":{"description":"事件唯一标识,UUID格式,最大36个字符","example":"909494e3-558e-46b6-a9eb-07a8e18ca621","maxLength":36,"minLength":0,"type":"string"},"incident_type":{"description":"事件分类,详细定义参考《告警事件类型定义》","properties":{"category":{"description":"类别","example":"系统行为异常","maxLength":1024,"minLength":0,"type":"string"},"incident_type":{"description":"事件类型","example":"File/Directory Change","maxLength":1024,"minLength":0,"type":"string"}},"type":"object"},"ipdrr_phase":{"description":"周期/处置阶段编号\nPrepartion|Detection and Analysis|Containm,Eradication& Recovery|Post-Incident-Activity","enum":["Prepartion","Detection and Analysis","Containm,Eradication& Recovery","Post-Incident-Activity"],"example":"Prepartion","maxLength":64,"minLength":0,"type":"string"},"labels":{"description":"标签,仅展示","example":"MyXXX","maxLength":1024,"minLength":0,"type":"string"},"last_observed_time":{"description":"最近发现时间,格式ISO8601:YYYY-MM-DDTHH:mm:ss.ms+timezone。时区信息为事件发生时区,无法解析时区的时间,默认时区填东八区","example":"2022-11-12T14:14:09.098+08:00","maxLength":30,"minLength":0,"type":"string"},"malware":{"description":"恶意软件","properties":{"malware_class":{"description":"恶意软件分类","example":"恶意占用内存","maxLength":64,"minLength":0,"type":"string"},"malware_family":{"description":"恶意家族","example":"family","maxLength":64,"minLength":0,"type":"string"}},"type":"object"},"network_list":{"description":"网络信息","items":{"properties":{"dest_domain":{"description":"目的域名","example":"https://xxx","maxLength":128,"minLength":0,"type":"string"},"dest_geo":{"description":"目标IP的地理位置信息","properties":{"city_code":{"description":"城市编码,Beijing | Shanghai","example":"Beijing","maxLength":64,"minLength":0,"type":"string"},"country_code":{"description":"国家简码,参考ISO 3166-1 alpha-2,例如:CN | US | DE | IT | SG","example":"CN","maxLength":64,"minLength":0,"type":"string"},"latitude":{"description":"纬度","example":90,"maximum":90,"minimum":0,"type":"number"},"longitude":{"description":"经度","example":90,"maximum":180,"minimum":0,"type":"number"}},"type":"object"},"dest_ip":{"description":"目的IP地址","example":"192.168.0.1","maxLength":64,"minLength":32,"type":"string"},"dest_port":{"description":"目的端口,0–65535","example":3306,"maxLength":65535,"minLength":0,"type":"string"},"direction":{"description":"方向,取值范围:IN | OUT","enum":["IN","OUT"],"example":"IN","maxLength":3,"minLength":0,"type":"string"},"protocol":{"description":"协议,包含7层和4层的协议\n参考:IANA registered name\nhttps://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml","example":"TCP","maxLength":64,"minLength":0,"type":"string"},"src_domain":{"description":"源域名","example":"https://xxx","maxLength":128,"minLength":0,"type":"string"},"src_geo":{"description":"源IP的地理位置信息","properties":{"city_code":{"description":"城市编码,Beijing | Shanghai","example":"Beijing","maxLength":64,"minLength":0,"type":"string"},"country_code":{"description":"国家简码,参考ISO 3166-1 alpha-2,例如:CN | US | DE | IT | SG","example":"CN","maxLength":64,"minLength":0,"type":"string"},"latitude":{"description":"纬度","example":90,"maximum":90,"minimum":0,"type":"number"},"longitude":{"description":"经度","example":90,"maximum":180,"minimum":0,"type":"number"}},"type":"object"},"src_ip":{"description":"源IP地址","example":"192.168.0.1","maxLength":64,"minLength":0,"type":"string"},"src_port":{"description":"源端口,0–65535","example":3306,"maximum":65535,"minimum":0,"type":"integer"}}},"maxItems":999,"minItems":0,"type":"array"},"owner":{"description":"责任人、服务责任人","example":"张三","maxLength":64,"minLength":0,"type":"string"},"process":{"description":"进程信息","items":{"properties":{"process_child_cmdline":{"description":"子进程命令行","example":"cd /opt","maxLength":128,"minLength":0,"type":"string"},"process_child_name":{"description":"子进程名称","example":"python","maxLength":64,"minLength":0,"type":"string"},"process_child_path":{"description":"子进程执行文件路径","example":"/opt/cloud","maxLength":512,"minLength":0,"type":"string"},"process_child_pid":{"description":"子进程id","example":6789,"maximum":65535,"minimum":0,"type":"integer"},"process_child_uid":{"description":"子进程用户id","example":6789,"maximum":655350,"minimum":0,"type":"integer"},"process_cmdline":{"description":"进程命令行","example":"cd /opt","maxLength":128,"minLength":0,"type":"string"},"process_launche_time":{"description":"进程启动时间,格式ISO8601:YYYY-MM-DDTHH:mm:ss.ms+timezone。时区信息为事件发生时区,无法解析时区的时间,默认时区填东八区","example":"2022-11-12T14:14:09.098+08:00","maxLength":30,"minLength":0,"type":"string"},"process_name":{"description":"进程名","example":"java","maxLength":64,"minLength":0,"type":"string"},"process_parent_cmdline":{"description":"父进程命令行","example":"cd /opt","maxLength":128,"minLength":0,"type":"string"},"process_parent_name":{"description":"父进程名称","example":"python","maxLength":64,"minLength":0,"type":"string"},"process_parent_path":{"description":"父进程执行文件路径","example":"/opt/cloud","maxLength":512,"minLength":0,"type":"string"},"process_parent_pid":{"description":"父进程id","example":6789,"maximum":65535,"minimum":0,"type":"integer"},"process_parent_uid":{"description":"父进程用户id","example":6789,"maximum":655350,"minimum":0,"type":"integer"},"process_path":{"description":"进程执行文件路径","example":"/opt/cloud","maxLength":512,"minLength":0,"type":"string"},"process_pid":{"description":"进程id","example":6789,"maximum":65535,"minimum":0,"type":"integer"},"process_terminate_time":{"description":"进程结束时间,格式ISO8601:YYYY-MM-DDTHH:mm:ss.ms+timezone。时区信息为事件发生时区,无法解析时区的时间,默认时区填东八区","example":"2022-11-12T14:14:09.098+08:00","maxLength":30,"minLength":0,"type":"string"},"process_uid":{"description":"进程用户id","example":6789,"maximum":655350,"minimum":0,"type":"integer"}}},"maxItems":999,"minItems":0,"type":"array"},"region_id":{"description":"数据投递后,被委托用户的region_id","example":"909494e3-558e-46b6-a9eb-07a8e18ca623","maxLength":36,"minLength":0,"type":"string"},"remediation":{"description":"补救措施","properties":{"recommendation":{"description":"推荐处理方法","example":"Close","maxLength":128,"minLength":0,"type":"string"},"url":{"description":"链接,指向该事件的一般修复信息。该URL必须可以从公网访问,不需要提供凭证","example":"https://xxx","maxLength":2048,"minLength":0,"type":"string"}},"type":"object"},"resource_list":{"description":"受影响资源","items":{"properties":{"domain_id":{"description":"资源所属账号ID,UUID格式","example":"909494e3-558e-46b6-a9eb-07a8e18ca621","maxLength":36,"minLength":0,"type":"string"},"ep_id":{"description":"企业项目id","example":"909494e3-558e-46b6-a9eb-07a8e18ca621","maxLength":128,"minLength":0,"type":"string"},"ep_name":{"description":"企业项目名称","example":"Huawei","maxLength":128,"minLength":0,"type":"string"},"id":{"description":"云服务资源id","example":"058a3b08-a4a4-4fb3-a0ab-6588b6a994da","maxLength":36,"minLength":0,"type":"string"},"name":{"description":"资源名称","example":"csb-sa-resource-ecs01","maxLength":255,"minLength":0,"type":"string"},"project_id":{"description":"资源所属项目ID,UUID格式","example":"909494e3-558e-46b6-a9eb-07a8e18ca621","maxLength":36,"minLength":0,"type":"string"},"provider":{"description":"云服务名称;引用华为云RMS provider字段","example":"ecs","maxLength":64,"minLength":0,"type":"string"},"region_id":{"description":"区域;按照华为云regionId填写,如cn-north-1等","example":"cn-north-1","maxLength":36,"minLength":0,"type":"string"},"tags":{"description":"资源标签\n1、最多50个key/values对\n2、values:最大255字符,取值范围:字母数字,空格,+, -, =, ., _, :, /,@","example":"key:value","maxLength":2048,"minLength":0,"type":"string"},"type":{"description":"资源类型;引用华为云RMS type字段","example":"cloudservers","maxLength":64,"minLength":0,"type":"string"}}},"maxItems":999,"minItems":0,"type":"array"},"severity":{"description":"严重性等级,取值范围:Tips | Low | Medium | High | Fatal\n说明:\n0: Tips – 未发现任何问题。\n1: Low – 无需针对问题执行任何操作。\n2: Medium – 问题需要处理,但不紧急。\n3: High – 问题必须优先处理。\n4: Fatal – 问题必须立即处理,以防止产生进一步的损害","enum":["Tips","Low","Medium","High","Fatal"],"example":"Tips","maxLength":6,"minLength":3,"type":"string"},"simulation":{"description":"调试字段","example":"false","maxLength":64,"minLength":0,"type":"string"},"sla":{"description":"约束闭环时间:设置风险接受持续时间。单位:小时","example":1,"maximum":999,"minimum":0,"type":"integer"},"source_url":{"description":"事件URL链接,指向数据源产品中有关当前事件说明的页面","example":"https://xxx","maxLength":1024,"minLength":0,"type":"string"},"system_alert_table":{"description":"事件管理列表的布局字段","type":"object"},"system_info":{"description":"系统信息","type":"object"},"title":{"description":"事件标题","example":"【Key file directory change】【HSS】2023-02-25T15:42:28.165+08:00,主机:192.168.0.247执行Key file directory change","maxLength":255,"minLength":0,"type":"string"},"update_time":{"description":"更新时间,格式ISO8601:YYYY-MM-DDTHH:mm:ss.ms+timezone。时区信息为事件发生时区,无法解析时区的时间,默认时区填东八区","example":"2023-02-27T20:28:53.001Z+0800","maxLength":30,"minLength":0,"type":"string"},"user_info":{"description":"用户信息","items":{"properties":{"user_id":{"description":"用户uid","example":"909494e3-558e-46b6-a9eb-07a8e18ca621","maxLength":36,"minLength":0,"type":"string"},"user_name":{"description":"用户名称","example":"张三","maxLength":64,"minLength":32,"type":"string"}}},"maxItems":999,"minItems":0,"type":"array"},"verification_state":{"description":"验证状态,标识事件的准确性。可选类型如下:\nUnknown – 未知\nTrue_Positive – 确认\nFalse_Positive – 误报\n默认填写Unknown","enum":["Unknown","True_Positive","False_Positive"],"example":"Unknown","maxLength":64,"minLength":32,"type":"string"},"version":{"description":"事件对象的版本,该字段的值必须为华为云SSA服务确定的官方发布版本之一","example":"1.0","maxLength":64,"minLength":0,"type":"string"},"workspace_id":{"description":"当前的工作空间id","example":"909494e3-558e-46b6-a9eb-07a8e18ca624","maxLength":36,"minLength":0,"type":"string"}}},"IncidentDetail":{"properties":{"create_time":{"description":"记录时间,格式ISO8601:YYYY-MM-DDTHH:mm:ss.ms+timezone。时区信息为事件发生时区,无法解析时区的时间,默认时区填东八区","example":"2023-02-25T12:00:29.623Z+0800","maxLength":30,"minLength":0,"type":"string"},"data_object":{"$ref":"#/definitions/Incident"},"dataclass_ref":{"description":"数据类对象","properties":{"id":{"description":"数据类唯一标识,UUID格式,最大36个字符","example":"909494e3-558e-46b6-a9eb-07a8e18ca621","maxLength":36,"minLength":0,"type":"string"},"name":{"description":"数据类名称","example":"Alert","maxLength":36,"minLength":0,"type":"string"}},"type":"object"},"format_version":{"description":"格式版本","example":1,"maximum":999,"minimum":0,"type":"integer"},"id":{"description":"事件唯一标识,UUID格式,最大36个字符","example":"909494e3-558e-46b6-a9eb-07a8e18ca621","maxLength":36,"minLength":0,"type":"string"},"project_id":{"description":"当前项目的id","example":"909494e3-558e-46b6-a9eb-07a8e18ca626","maxLength":64,"minLength":0,"type":"string"},"update_time":{"description":"更新时间,格式ISO8601:YYYY-MM-DDTHH:mm:ss.ms+timezone。时区信息为告警发生时区,无法解析时区的时间,默认时区填东八区","example":"2023-02-27T20:28:53.001Z+0800","maxLength":30,"minLength":0,"type":"string"},"version":{"description":"版本","example":0,"maximum":999,"minimum":0,"type":"integer"},"workspace_id":{"description":"当前的工作空间id","example":"909494e3-558e-46b6-a9eb-07a8e18ca624","maxLength":36,"minLength":0,"type":"string"}}}},"description":null,"group_id":"705709df764d40488141daec53da8672","host":"secmaster.cn-north-4.myhuaweicloud.com","id":"be73efd2a8254213b7ded5ae1396e1ec","info_version":"v2","method":"put","name":"ChangeIncident","parameters":{"X-Auth-Token":{"description":"用户Token。\n通过调用IAM服务获取用户Token接口获取(响应消息头中X-Subject-Token的值)","in":"header","maxLength":2097152,"minLength":0,"name":"X-Auth-Token","required":true,"type":"string","x-example":"MIIDkgYJKoZIhvcNAQcCoIIDgzCCXXXXX..."},"content-type":{"default":"application/json;charset=UTF-8","description":"内容类型","in":"header","maxLength":64,"minLength":0,"name":"content-type","required":true,"type":"string"},"incident_id":{"description":"事件ID","in":"path","maxLength":36,"minLength":32,"name":"incident_id","required":true,"type":"string"},"project_id":{"description":"项目id","in":"path","maxLength":36,"minLength":32,"name":"project_id","required":true,"type":"string"},"workspace_id":{"description":"工作空间id","in":"path","maxLength":36,"minLength":32,"name":"workspace_id","required":true,"type":"string"}},"paths":{"/v1/{project_id}/workspaces/{workspace_id}/soc/incidents/{incident_id}":{"put":{"description":"编辑事件,根据实际修改的属性更新,未修改的列不更新","operationId":"ChangeIncident","parameters":[{"$ref":"#/parameters/X-Auth-Token"},{"$ref":"#/parameters/content-type"},{"$ref":"#/parameters/project_id"},{"$ref":"#/parameters/workspace_id"},{"$ref":"#/parameters/incident_id"},{"description":"更新事件请求body体","in":"body","name":"ChangeIncidentRequestBody","required":true,"schema":{"$ref":"#/definitions/ChangeIncidentRequestBody"}}],"produces":["application/json"],"responses":{"200":{"description":"更新事件返回body体","examples":{"application/json":{"code":"909494e3-558e-46b6-a9eb-07a8e18ca62f","data":{"create_time":"2021-01-30T23:00:00Z+0800","data_object":{"actor":"刘一博","arrive_time":"2021-01-30T23:00:00Z+0800","close_comment":"误检;已解决;重复;其他","close_reason":"误检;已解决;重复;其他","close_time":"2021-01-30T23:00:00Z+0800","confidence":4,"count":4,"create_time":"2021-01-30T23:00:00Z+0800","creator":"MyXXX","criticality":4,"data_source":{"domain_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","project_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","region_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","source_type":3},"description":"This my XXXX","environment":{"domain_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","project_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","region_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","vendor_type":"MyXXX"},"file_info":[{"file_attr":"MyXXX","file_content":"MyXXX","file_hash":"MyXXX","file_md5":"MyXXX","file_new_path":"MyXXX","file_path":"MyXXX","file_sha256":"MyXXX"}],"first_observed_time":"2021-01-30T23:00:00Z+0800","handle_status":"Open – 打开,Block – 阻塞,Closed – 关闭。默认填写Open","id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","incident_type":{},"ipdrr_phase":"Prepartion|Detection and Analysis|Containm,Eradication& Recovery| Post-Incident-Activity","last_observed_time":"2021-01-30T23:00:00Z+0800","malware":{"malware_class":"恶意占用内存","malware_family":"family"},"network_list":[{"dest_domain":"xxx","dest_geo":{"latitude":90,"longitude":180},"dest_ip":"192.168.0.1","dest_port":"1","direction":{"IN":null},"protocol":"TCP","src_domain":"xxx","src_geo":{"latitude":90,"longitude":180},"src_ip":"192.168.0.1","src_port":"1"}],"owner":"MyXXX","process":[{"process_cmdline":"MyXXX","process_name":"MyXXX","process_path":"MyXXX","process_pid":123,"process_uid":123}],"remediation":{"recommendation":"MyXXX","url":"MyXXX"},"resource_list":[{"domain_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","ep_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","ep_name":"MyXXX","id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","name":"MyXXX","project_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","region_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","tags":"909494e3-558e-46b6-a9eb-07a8e18ca62f","type":"MyXXX"}],"severity":"TIPS","simulation":"false","sla":60000,"source_url":"http://xxx","system_info":{},"title":"MyXXX","update_time":"2021-01-30T23:00:00Z+0800","user_info":[{"user_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","user_name":"MyXXX"}],"verification_state":"Unknown – 未知,True_Positive – 确认,False_Positive – 误报。默认填写Unknown","version":"1.0","workspace_id":"909494e3-558e-46b6-a9eb-07a8e18ca620"},"project_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","update_time":"2021-01-30T23:00:00Z+0800","workspace_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f"},"message":"Error message"}},"headers":{"X-request-id":{"description":"请求ID,格式为:request_uuid-timestamp-hostname","type":"string"}},"schema":{"$ref":"#/definitions/ChangeIncidentResponseBody"}},"400":{"description":"更新事件错误返回body体","headers":{"X-request-id":{"description":"请求ID,格式为:request_uuid-timestamp-hostname","type":"string"}},"schema":{"$ref":"#/definitions/ErrorRsp"}}},"summary":"更新事件","tags":["事件管理"],"x-is-registered":"N","x-request-examples-1":{"data_object":{"actor":"刘一博","arrive_time":"2021-01-30T23:00:00Z+0800","close_comment":"误检;已解决;重复;其他","close_reason":"误检;已解决;重复;其他","close_time":"2021-01-30T23:00:00Z+0800","confidence":4,"count":4,"create_time":"2021-01-30T23:00:00Z+0800","creator":"MyXXX","criticality":4,"data_source":{"domain_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","project_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","region_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","source_type":3},"description":"This my XXXX","environment":{"domain_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","project_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","region_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","vendor_type":"MyXXX"},"file_info":[{"file_attr":"MyXXX","file_content":"MyXXX","file_hash":"MyXXX","file_md5":"MyXXX","file_new_path":"MyXXX","file_path":"MyXXX","file_sha256":"MyXXX"}],"first_observed_time":"2021-01-30T23:00:00Z+0800","handle_status":"Open – 打开,Block – 阻塞,Closed – 关闭。默认填写Open","id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","incident_type":{},"ipdrr_phase":"Prepartion|Detection and Analysis|Containm,Eradication& Recovery| Post-Incident-Activity","last_observed_time":"2021-01-30T23:00:00Z+0800","malware":{"malware_class":"恶意占用内存","malware_family":"family"},"network_list":[{"dest_domain":"xxx","dest_geo":{"latitude":90,"longitude":180},"dest_ip":"192.168.0.1","dest_port":"1","direction":{"IN":null},"protocol":"TCP","src_domain":"xxx","src_geo":{"latitude":90,"longitude":180},"src_ip":"192.168.0.1","src_port":"1"}],"owner":"MyXXX","process":[{"process_cmdline":"MyXXX","process_name":"MyXXX","process_path":"MyXXX","process_pid":123,"process_uid":123}],"remediation":{"recommendation":"MyXXX","url":"MyXXX"},"resource_list":[{"domain_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","ep_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","ep_name":"MyXXX","id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","name":"MyXXX","project_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","region_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","tags":"909494e3-558e-46b6-a9eb-07a8e18ca62f","type":"MyXXX"}],"severity":"TIPS","simulation":"false","sla":60000,"source_url":"http://xxx","system_info":{},"title":"MyXXX","update_time":"2021-01-30T23:00:00Z+0800","user_info":[{"user_id":"909494e3-558e-46b6-a9eb-07a8e18ca62f","user_name":"MyXXX"}],"verification_state":"Unknown – 未知,True_Positive – 确认,False_Positive – 误报。默认填写Unknown","version":"1.0","workspace_id":"909494e3-558e-46b6-a9eb-07a8e18ca620"}},"x-request-examples-description-1":"更新一条事件,事件标题为MyXXX,URL链接为http://xxx,发生次数为4次,置信度为4。","x-support-sdk":"Y","x-surpport-apiexplorer":true}}},"product_short":"SecMaster","region_id":"cn-north-4","schemes":["HTTPS"],"security_definitions":null,"summary":"更新事件","tags":"事件管理","uri":null,"version":"2.0"}