华为云首页 用户手册

安全云脑 SECMASTER-创建事件:Go

安全云脑 SECMASTER-创建事件:Go

时间:2023-12-06 18:52:42
安全云脑 SECMASTER

Go

创建一条事件,事件标题为MyXXX,标签为MyXXX,严重级别为tips,发生次数为4次。

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
 
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    secmaster "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v2"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v2/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v2/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        Build()

    client := secmaster.NewSecMasterClient(
        secmaster.SecMasterClientBuilder().
            WithRegion(region.ValueOf("cn-north-4")).
            WithCredential(auth).
            Build())

    request := &model.CreateIncidentRequest{}
	filePathFileInfo:= "MyXXX"
	fileContentFileInfo:= "MyXXX"
	fileNewPathFileInfo:= "MyXXX"
	fileHashFileInfo:= "MyXXX"
	fileMd5FileInfo:= "MyXXX"
	fileSha256FileInfo:= "MyXXX"
	fileAttrFileInfo:= "MyXXX"
	var listFileInfoDataObject = []model.IncidentFileInfo{
        {
            FilePath: &filePathFileInfo,
            FileContent: &fileContentFileInfo,
            FileNewPath: &fileNewPathFileInfo,
            FileHash: &fileHashFileInfo,
            FileMd5: &fileMd5FileInfo,
            FileSha256: &fileSha256FileInfo,
            FileAttr: &fileAttrFileInfo,
        },
    }
	userIdUserInfo:= "909494e3-558e-46b6-a9eb-07a8e18ca62f"
	userNameUserInfo:= "MyXXX"
	var listUserInfoDataObject = []model.IncidentUserInfo{
        {
            UserId: &userIdUserInfo,
            UserName: &userNameUserInfo,
        },
    }
	processNameProcess:= "MyXXX"
	processPathProcess:= "MyXXX"
	processPidProcess:= int32(123)
	processUidProcess:= int32(123)
	processCmdlineProcess:= "MyXXX"
	var listProcessDataObject = []model.IncidentProcess{
        {
            ProcessName: &processNameProcess,
            ProcessPath: &processPathProcess,
            ProcessPid: &processPidProcess,
            ProcessUid: &processUidProcess,
            ProcessCmdline: &processCmdlineProcess,
        },
    }
	malwareFamilyMalware:= "family"
	malwareClassMalware:= "恶意占用内存"
	malwareDataObject := &model.IncidentMalware{
		MalwareFamily: &malwareFamilyMalware,
		MalwareClass: &malwareClassMalware,
	}
	recommendationRemediation:= "MyXXX"
	urlRemediation:= "MyXXX"
	remediationDataObject := &model.IncidentRemediation{
		Recommendation: &recommendationRemediation,
		Url: &urlRemediation,
	}
	idResourceList:= "909494e3-558e-46b6-a9eb-07a8e18ca62f"
	nameResourceList:= "MyXXX"
	typeResourceList:= "MyXXX"
	regionIdResourceList:= "909494e3-558e-46b6-a9eb-07a8e18ca62f"
	domainIdResourceList:= "909494e3-558e-46b6-a9eb-07a8e18ca62f"
	projectIdResourceList:= "909494e3-558e-46b6-a9eb-07a8e18ca62f"
	epIdResourceList:= "909494e3-558e-46b6-a9eb-07a8e18ca62f"
	epNameResourceList:= "MyXXX"
	tagsResourceList:= "909494e3-558e-46b6-a9eb-07a8e18ca62f"
	var listResourceListDataObject = []model.IncidentResourceList{
        {
            Id: &idResourceList,
            Name: &nameResourceList,
            Type: &typeResourceList,
            RegionId: &regionIdResourceList,
            DomainId: &domainIdResourceList,
            ProjectId: &projectIdResourceList,
            EpId: &epIdResourceList,
            EpName: &epNameResourceList,
            Tags: &tagsResourceList,
        },
    }
	latitudeDestGeo:= float32(90)
	longitudeDestGeo:= float32(180)
	destGeoNetworkList := &model.IncidentDestGeo{
		Latitude: &latitudeDestGeo,
		Longitude: &longitudeDestGeo,
	}
	latitudeSrcGeo:= float32(90)
	longitudeSrcGeo:= float32(180)
	srcGeoNetworkList := &model.IncidentSrcGeo{
		Latitude: &latitudeSrcGeo,
		Longitude: &longitudeSrcGeo,
	}
	directionNetworkList:= model.GetIncidentNetworkListDirectionEnum().{}
	protocolNetworkList:= "TCP"
	srcIpNetworkList:= "192.168.0.1"
	srcPortNetworkList:= int32(1)
	srcDomainNetworkList:= "xxx"
	destIpNetworkList:= "192.168.0.1"
	destPortNetworkList:= "1"
	destDomainNetworkList:= "xxx"
	var listNetworkListDataObject = []model.IncidentNetworkList{
        {
            Direction: &directionNetworkList,
            Protocol: &protocolNetworkList,
            SrcIp: &srcIpNetworkList,
            SrcPort: &srcPortNetworkList,
            SrcDomain: &srcDomainNetworkList,
            SrcGeo: srcGeoNetworkList,
            DestIp: &destIpNetworkList,
            DestPort: &destPortNetworkList,
            DestDomain: &destDomainNetworkList,
            DestGeo: destGeoNetworkList,
        },
    }
	categoryIncidentType:= "909494e3-558e-46b6-a9eb-07a8e18ca62f"
	incidentTypeIncidentType:= "909494e3-558e-46b6-a9eb-07a8e18ca62f"
	incidentTypeDataObject := &model.IncidentIncidentType{
		Category: &categoryIncidentType,
		IncidentType: &incidentTypeIncidentType,
	}
	sourceTypeDataSource:= int32(3)
	domainIdDataSource:= "909494e3-558e-46b6-a9eb-07a8e18ca62f"
	projectIdDataSource:= "909494e3-558e-46b6-a9eb-07a8e18ca62f"
	regionIdDataSource:= "909494e3-558e-46b6-a9eb-07a8e18ca62f"
	productNameDataSource:= "test"
	productFeatureDataSource:= "test"
	dataSourceDataObject := &model.IncidentDataSource{
		SourceType: &sourceTypeDataSource,
		DomainId: &domainIdDataSource,
		ProjectId: &projectIdDataSource,
		RegionId: &regionIdDataSource,
		ProductName: &productNameDataSource,
		ProductFeature: &productFeatureDataSource,
	}
	vendorTypeEnvironment:= "MyXXX"
	domainIdEnvironment:= "909494e3-558e-46b6-a9eb-07a8e18ca62f"
	regionIdEnvironment:= "909494e3-558e-46b6-a9eb-07a8e18ca62f"
	projectIdEnvironment:= "909494e3-558e-46b6-a9eb-07a8e18ca62f"
	environmentDataObject := &model.IncidentEnvironment{
		VendorType: &vendorTypeEnvironment,
		DomainId: &domainIdEnvironment,
		RegionId: &regionIdEnvironment,
		ProjectId: &projectIdEnvironment,
	}
	versionDataObject:= "1.0"
	idDataObject:= "909494e3-558e-46b6-a9eb-07a8e18ca62f"
	workspaceIdDataObject:= "909494e3-558e-46b6-a9eb-07a8e18ca620"
	labelsDataObject:= "MyXXX"
	firstObservedTimeDataObject:= "2021-01-30T23:00:00Z+0800"
	lastObservedTimeDataObject:= "2021-01-30T23:00:00Z+0800"
	createTimeDataObject:= "2021-01-30T23:00:00Z+0800"
	arriveTimeDataObject:= "2021-01-30T23:00:00Z+0800"
	titleDataObject:= "MyXXX"
	descriptionDataObject:= "This my XXXX"
	sourceUrlDataObject:= "http://xxx"
	countDataObject:= int32(4)
	confidenceDataObject:= int32(4)
	severityDataObject:= model.GetIncidentSeverityEnum().TIPS
	criticalityDataObject:= int32(4)
	verificationStateDataObject:= model.GetIncidentVerificationStateEnum().UNKNOWN__未知,TRUE_POSITIVE__确认,FALSE_POSITIVE__误报默认填写UNKNOWN
	handleStatusDataObject:= model.GetIncidentHandleStatusEnum().OPEN__打开,BLOCK__阻塞,CLOSED__关闭默认填写OPEN
	slaDataObject:= int32(60000)
	updateTimeDataObject:= "2021-01-30T23:00:00Z+0800"
	closeTimeDataObject:= "2021-01-30T23:00:00Z+0800"
	ipdrrPhaseDataObject:= model.GetIncidentIpdrrPhaseEnum().PREPARTION|DETECTION_AND_ANALYSIS|CONTAINM,ERADICATION&_RECOVERY|_POST_INCIDENT_ACTIVITY
	simulationDataObject:= "false"
	actorDataObject:= "刘一博"
	ownerDataObject:= "MyXXX"
	creatorDataObject:= "MyXXX"
	closeReasonDataObject:= model.GetIncidentCloseReasonEnum().误检;已解决;重复;其他
	closeCommentDataObject:= "误检;已解决;重复;其他"
	var systemInfoDataObject interface{} = make(map[string]string)
	dataObjectbody := &model.Incident{
		Version: &versionDataObject,
		Id: &idDataObject,
		WorkspaceId: &workspaceIdDataObject,
		Labels: &labelsDataObject,
		Environment: environmentDataObject,
		DataSource: dataSourceDataObject,
		FirstObservedTime: &firstObservedTimeDataObject,
		LastObservedTime: &lastObservedTimeDataObject,
		CreateTime: &createTimeDataObject,
		ArriveTime: &arriveTimeDataObject,
		Title: &titleDataObject,
		Description: &descriptionDataObject,
		SourceUrl: &sourceUrlDataObject,
		Count: &countDataObject,
		Confidence: &confidenceDataObject,
		Severity: &severityDataObject,
		Criticality: &criticalityDataObject,
		IncidentType: incidentTypeDataObject,
		NetworkList: &listNetworkListDataObject,
		ResourceList: &listResourceListDataObject,
		Remediation: remediationDataObject,
		VerificationState: &verificationStateDataObject,
		HandleStatus: &handleStatusDataObject,
		Sla: &slaDataObject,
		UpdateTime: &updateTimeDataObject,
		CloseTime: &closeTimeDataObject,
		IpdrrPhase: &ipdrrPhaseDataObject,
		Simulation: &simulationDataObject,
		Actor: &actorDataObject,
		Owner: &ownerDataObject,
		Creator: &creatorDataObject,
		CloseReason: &closeReasonDataObject,
		CloseComment: &closeCommentDataObject,
		Malware: malwareDataObject,
		SystemInfo: &systemInfoDataObject,
		Process: &listProcessDataObject,
		UserInfo: &listUserInfoDataObject,
		FileInfo: &listFileInfoDataObject,
	}
	request.Body = &model.CreateIncidentRequestBody{
		DataObject: dataObjectbody,
	}
	response, err := client.CreateIncident(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}
support.huaweicloud.com/api-secmaster/CreateIncident.html
看了此文的人还看了
CDN加速 GaussDB 文字转换成语音 免费的服务器 如何创建网站 域名网站购买 私有云桌面 云主机哪个好 域名怎么备案 手机云电脑 SSL证书申请 云点播服务器 免费OCR是什么 电脑云桌面 域名备案怎么弄 语音转文字 文字图片识别 云桌面是什么 网址安全检测 网站建设搭建 国外CDN加速 SSL免费证书申请 短信批量发送 图片OCR识别 云数据库MySQL 个人域名购买 录音转文字 扫描图片识别文字 OCR图片识别 行驶证识别 虚拟电话号码 电话呼叫中心软件 怎么制作一个网站 Email注册网站 华为VNC 图像文字识别 企业网站制作 个人网站搭建 华为云计算 免费租用云托管 云桌面云服务器 ocr文字识别免费版 HTTPS证书申请 图片文字识别转换 国外域名注册商 使用免费虚拟主机 云电脑主机多少钱 鲲鹏云手机 短信验证码平台 OCR图片文字识别 SSL证书是什么 申请企业邮箱步骤 免费的企业用邮箱 云免流搭建教程 域名价格
安全云脑 SECMASTER-创建事件:Go

搜索反馈

您搜索到想要的结果了吗?

是的 没有

意见反馈

0/200

提交 取消

提交成功!非常感谢您的反馈,我们会继续努力做到更好 反馈提交失败!请稍后重试!
热门活动
推荐文章
更多内容
云硬盘存储EVS Web应用防火墙 人机语音识别 开发者大会2023 云计算入门 云数据库选择 HDC大会 华为云计算 响应式建站是什么 智慧班牌系统