Querying the List of Blocked IP Addresses

Function

This API is used to query the list of blocked IP addresses.

URI

GET /v5/{project_id}/event/blocked-ip

Table 1 Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID

Table 2 Query Parameters
Parameter	Mandatory	Type	Description
enterprise_project_id	No	String	Enterprise project ID. To query all enterprise projects, set this parameter to all_granted_eps.
last_days	No	Integer	Number of days to be queried. This parameter is manually exclusive with begin_time and end_time.
host_name	No	String	Server name
src_ip	No	String	Attack source IP address
intercept_status	No	String	Interception status. The options are as follows: intercepted canceled (unblocked) cancelling
offset	No	Integer	Offset, which specifies the start position of the record to be returned.
limit	No	Integer	Number of records displayed on each page.

Request Parameters

Table 3 Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.
region	Yes	String	Region ID

Response Parameters

Status code: 200

Table 4 Response body parameters
Parameter	Type	Description
total_num	Integer	Total number
data_list	Array of BlockedIpResponseInfo objects	Blocked IP address details

Table 5 BlockedIpResponseInfo
Parameter	Type	Description
host_id	String	Host ID
host_name	String	Server name
src_ip	String	Attack source IP address
login_type	String	Login type. The options are as follows: "mysql" # MySQL service "rdp" # RDP service "ssh" # SSH service "vsftp" # vsftp service
intercept_num	Integer	Blocks
intercept_status	String	Interception status. The options are as follows: intercepted canceled (unblocked) cancelling
block_time	Long	Interception start time, in milliseconds.
latest_time	Long	Latest interception time, in milliseconds.

Example Requests

Query the first 10 blocked IP addresses.

GET https://{endpoint}/v5/{project_id}/event/blocked-ip?limit=10&offset=0&enterprise_project_id=xxx

Example Responses

Status code: 200

Request succeeded.

{
  "data_list" : [ {
    "block_time" : 1698715135407,
    "host_id" : "1c62fe52-0c84-4ee4-8dba-d892c5ad0ab0",
    "host_name" : "dfx-a00607964-0011",
    "intercept_num" : 230,
    "intercept_status" : "canceled",
    "latest_time" : 1698715296786,
    "login_type" : "ssh",
    "src_ip" : "100.85.239.180"
  } ],
  "total_num" : 1
}

Status Codes

Status Code	Description
200	Request succeeded.

Error Codes

See Error Codes.

Parent topic: Event Management

Предыдущая статья

Event Management

Следующая статья

Unblocking a Blocked IP Address

Была ли эта статья полезна?

Поддержка Юридические документы