tencent cloud

APIs

文档APIsTencent Container Security ServiceImage Security APIsDescribeVulDefenceEventDetail

DescribeVulDefenceEventDetail

下载
聚焦模式
字号
最后更新时间: 2026-06-10 17:06:04

1. API Description

Domain name for API request: tcss.intl.tencentcloudapi.com.

This API is used to query the details of an exploit prevention event.

A maximum of 20 requests can be initiated per second for this API.

We recommend you to use API Explorer
Try it
API Explorer provides a range of capabilities, including online call, signature authentication, SDK code generation, and API quick search. It enables you to view the request, response, and auto-generated examples.

2. Input Parameters

The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.

Parameter Name Required Type Description
Action Yes String Common Params. The value used for this API: DescribeVulDefenceEventDetail.
Version Yes String Common Params. The value used for this API: 2020-11-01.
Region No String Common Params. This parameter is not required.
EventID Yes Integer Event ID

3. Output Parameters

Parameter Name Type Description
EventDetail VulDefenceEventDetail Exploit prevention event details
RequestId String The unique request ID, generated by the server, will be returned for every request (if the request fails to reach the server for other reasons, the request will not obtain a RequestId). RequestId is required for locating a problem.

4. Example

Example1 Query vulnerability defense event details.

Query vulnerability defense event details.

Input Example

POST / HTTP/1.1
Host: tcss.intl.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: DescribeVulDefenceEventDetail
<Common request parameters>

{
    "EventID": "1002"
}

Output Example

{
    "Response": {
        "EventDetail": {
            "CVEID": "CVE-2021-44228",
            "City": "Beijing",
            "ClusterID": "cls-dfw3e***",
            "ClusterName": "clsfoo***",
            "ContainerID": "5457113fd88a5cc8f88391f7387ad2f1b23c4b9a154f12fc725cfa8b134134",
"ContainerIsolateOperationSrc": "Runtime security/Virus scanning"
            "ContainerName": "/cve-2021-44228-solr-1",
            "ContainerNetStatus": "NORMAL",
            "ContainerNetSubStatus": "NONE",
            "ContainerStatus": "RUNNING",
"Description": "The access source (IP:) initiated a vulnerability exploitation attack on the container (ID:5457113fd8...)"
            "EventCount": 20,
            "EventID": 30061,
            "EventType": "EVENT_DEFENDED",
            "HostIP": "172.16.51.209",
            "HostName": "harborV2_yancyw",
            "ImageID": "sha256:052794134d434bc2db0775211589beb372412af333a262d16841893418941894",
            "ImageName": "vulhub/solr:8.11.0",
            "JNDIUrl": "http://10.0.0.1",
            "MainClass": "org.eclipse.jetty.start.Main",
            "Namespace": "tcss",
            "NetworkPayload": ": \n",
            "NodeID": "mix-GOmf****",
            "NodeSubNetCIDR": "10.0.200.0/24",
            "NodeSubNetID": "subnet-5gu2***",
            "NodeSubNetName": "subnet***",
            "NodeType": "NORMAL",
            "NodeUniqueID": "896e349d-2e7d-4151-a26f-4e9fdafe****",
"OfficialSolution": "The vendor has released an upgrade patch to fix the vulnerability. Patch download link: https://logging.apache.org/log4j/2.x/security.html"
            "PID": 20545,
            "PocID": "pcmgr-333393",
            "PodIP": "10.0.1.92",
            "PodName": "agent-test-2zrp7",
            "PublicIP": "127.2.3.4",
            "QUUID": "380add75-bb06-4cc4-84c5-cf806d102fba",
            "RaspDetail": [
                {
                    "Name": "jndiurl",
                    "Value": "ldap://1.8.0_102.example.com"
                }
            ],
            "ServerAccount": "server account",
            "ServerArg": "server avg",
            "ServerExe": "server exe",
            "ServerPort": "3306",
            "SourceIP": "10.0.1.2",
            "SourcePort": [
                "3306"
            ],
            "StackTrace": "org.apache.logging.log4j.core.lookup.JndiLookup.lookup\norg.apache.logging.log4j.core.lookup.Interpolator.lookup\norg.apache.logging.log4j.core.lookup.StrSubstitutor.resolveVariable\norg.apache.logging.log4j.core.lookup.StrSubstitutor.substitute\norg.apache.logging.log4j.core.lookup.StrSubstitutor.substitute\norg.apache.logging.log4j.core.lookup.StrSubstitutor.replace\norg.apache.logging.log4j.core.pattern.MessagePatternConverter.format\norg.apache.logging.log4j.core.pattern.PatternFormatter.format\norg.apache.logging.log4j.core.pattern.MaxLengthConverter.format\norg.apache.logging.log4j.core.pattern.PatternFormatter.format\n",
            "Status": "EVENT_DEFENDED",
"VulName": "Apache log4j2 Remote Code Execution Vulnerability (CVE-2021-44228)"
            "WorkloadType": "DaemonSet"
        },
        "RequestId": "2f944254-e774-4f19-ac09-c9c1bdf311f6"
    }
}

5. Developer Resources

SDK

TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.

Command Line Interface

6. Error Code

The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.

Error Code Description
AuthFailure A CAM signature/authentication error occurred.
FailedOperation The operation failed.
InternalError An internal error occurred.
InvalidParameter The parameter is incorrect.
InvalidParameter.InvalidFormat The parameter format is incorrect.
InvalidParameter.MissingParameter The required parameter is missing.
InvalidParameter.ParsingError A parameter parsing error occurred.
InvalidParameterValue The parameter value is incorrect.
MissingParameter The parameter is missing.
ResourceNotFound The resource does not exist.
上一篇: DescribeContainerAssetSummary下一篇: DescribeVulSummary

帮助和支持

本页内容是否解决了您的问题?

填写满意度调查问卷,共创更好文档体验。

文档反馈