1. 接口描述
接口请求域名: tcss.tencentcloudapi.com 。
获取ES查询文档列表
默认接口请求频率限制:20次/秒。
推荐使用 API Explorer
点击调试
API Explorer 提供了在线调用、签名验证、SDK 代码生成和快速检索接口等能力。您可查看每次调用的请求内容和返回结果以及自动生成 SDK 调用示例。
2. 输入参数
以下请求参数列表仅列出了接口请求参数和部分公共参数,完整公共参数列表见 公共请求参数。
| 参数名称 | 必选 | 类型 | 描述 |
|---|---|---|---|
| Action | 是 | String | 公共参数,本接口取值:DescribeESHits。 |
| Version | 是 | String | 公共参数,本接口取值:2020-11-01。 |
| Region | 否 | String | 公共参数,此参数为可选参数。 |
| Query | 是 | String | ES查询条件JSON 示例值:{"index":[],"body":"{"query":{"bool":{"filter":{"bool":{"filter":{"range":{"insert_time":{"gte":1729699200000,"lte":1729765759984}}},"must":[],"must_not":[],"should":[]}}}},"highlight":{"fields":{"*":{}}},"sort":[{"insert_time":"desc"}],"track_total_hits":true}"} |
| Offset | 否 | Integer | 偏移量,默认为0。 示例值:1 |
| Limit | 否 | Integer | 返回数量,最大值为100。 示例值:1 |
| LogTypes.N | 否 | Array of String | 日志类型列表 示例值:[ "asset_container", "asset_local_image", "asset_registry_image", "asset_host", "asset_cluster", "asset_pod", "asset_service", "asset_ingress", "asset_process", "asset_port", "asset_web_service", "asset_app", "asset_db", "container_bash", "container_launch", "k8s_api", "local_image_virus", "local_image_risk", "local_image_vul", "registry_image_virus", "registry_image_risk", "registry_image_vul", "image_deny", "cluster_risk_vul", "cluster_risk_cfg", "baseline_docker_container", "baseline_docker_image", "baseline_docker_host", "baseline_containerd_container", "baseline_k8s", "baseline_containerd_host", "container_escape", "reverse_shell", "container_virus", "malicious_connection", "abnormal_process", "access_control", "risk_syscall", "abnormal_k8s_api" ] |
3. 输出参数
| 参数名称 | 类型 | 描述 |
|---|---|---|
| Data | String | ES查询结果JSON 示例值:{ "took": 325, "hits": { "total": { "value": 6271209, "relation": "eq" }, "hits": [ { "index": "userlog-k8s-api-1256299843-000001", "type": "doc", "id": "h38SvpIBC41NeSj8xBMf", "seqno": null, "primaryterm": null, "sort": [ 1729765753848 ], "source": { "appid": 1256299843, "clusterid": "cls-7dget88s", "container_id": "", "container_name": "", "eks_id": "", "eks_md5": "d41d8cd98f00b204e9800998ecf8427e", "event_time": "2024-10-24T10:29:10.952981Z", "image_id": "", "image_name": "", "insert_time": "2024-10-24T18:29:13.848230558+08:00", "node_id": "", "quuid": "428fb819-bc1e-4b0a-8bc1-a9fc2d6ac950", "receive_time": "2024-10-24T18:29:13+08:00", "uuid": "428fb819-bc1e-4b0a-8bc1-a9fc2d6ac950", "client_ip": "172.17.1.11", "uin": "100004506473", "ca_md5": "d68df8fc35e2f1f443074410f2492f40", "kind": "Event", "apiVersion": "audit.k8s.io/v1", "level": "Request", "auditID": "424d7ab6-b3af-4a23-a270-a86ebf4c8a3a", "stage": "ResponseComplete", "requestURI": "/apis/coordination.k8s.io/v1/namespaces/kube-system/leases/cluster-autoscaler", "verb": "get", "user": { "username": "admin", "uid": "admin", "groups": "["system:masters","system:authenticated"]" }, "sourceIPs": [ "169.254.128.40" ], "userAgent": "cluster-autoscaler/v0.0.0 (linux/amd64) kubernetes/$Format", "objectRef": { "resource": "leases", "namespace": "kube-system", "name": "cluster-autoscaler", "apiGroup": "coordination.k8s.io", "apiVersion": "v1" }, "responseStatus": { "metadata": "{}", "code": 200 }, "requestReceivedTimestamp": "2024-10-24T10:29:10.952981Z", "stageTimestamp": "2024-10-24T10:29:10.955037Z", "annotations": { "authorization.k8s.io/decision": "allow", "authorization.k8s.io/reason": "" }, "clusterId": "cls-7dget88s", "requestObject": { "metadata": "" }, "responseObject": { "metadata": "" } } } ] }, "_shards": { "total": 9, "successful": 9, "failed": 0 } } |
| RequestId | String | 唯一请求 ID,由服务端生成,每次请求都会返回(若请求因其他原因未能抵达服务端,则该次请求不会获得 RequestId)。定位问题时需要提供该次请求的 RequestId。 |
4. 示例
示例1 获取ES查询文档列表
输入示例
POST / HTTP/1.1
Host: tcss.tencentcloudapi.com
Content-Type: application/json
X-TC-Action: DescribeESHits
<公共请求参数>
{
"Query": "{\"index\":[\"netflow\"],\"body\":{\"query\":{\"bool\":{\"filter\":{\"bool\":{\"filter\":{\"range\":{\"timestamp\":{\"gte\":1597075200000,\"lte\":1597161599999}}},\"must\":[],\"must_not\":[],\"should\":[]}}}},\"highlight\":{\"fields\":{\"*\":{}}}},\"sort\":[{\"timestamp\":\"desc\"}]}",
"Offset": 0,
"Limit": 10
}输出示例
{
"Response": {
"Data": "{\"took\":0,\"timed_out\":false,\"_shards\":{\"total\":1,\"successful\":1,\"skipped\":0,\"failed\":0},\"hits\":{\"total\":{\"value\":938,\"relation\":\"eq\"},\"max_score\":1.0,\"hits\":[{\"_index\":\"userlog-1256299843-asset_account-202026\",\"_type\":\"_doc\",\"_id\":\"PsAsunMBxgMcMHXNMzGL\",\"_score\":1.0,\"_source\":{\"id\":12900000007108,\"create_time\":\"2020-07-02T09:18:45+08:00\",\"modify_time\":\"2020-07-02T09:18:45+08:00\",\"uuid\":\"454a07be-8f21-11e9-818b-5cb9019b3cb0\",\"hostip\":\"172.21.0.14\",\"guid\":\"14f7981c-48f3-4d58-846e-fb2c86e9c7e2\",\"appid\":1256953985,\"user_name\":\"root\",\"groups\":\"root\",\"account_create_time\":\"1970-01-01T08:00:00+08:00\",\"last_login_time\":\"1970-01-01T08:00:00+08:00\",\"shell_path\":\"/bin/bash\",\"is_login_account\":1,\"is_hidden_account\":0,\"is_without_pwd\":0,\"account_privilege\":0,\"platform\":4,\"status\":0}},{\"_index\":\"userlog-1256299843-asset_account-202026\",\"_type\":\"_doc\",\"_id\":\"XMgsunMBuMj9w9DkMwS1\",\"_score\":1.0,\"_source\":{\"id\":12900000007109,\"create_time\":\"2020-07-02T09:18:45+08:00\",\"modify_time\":\"2020-07-02T09:18:45+08:00\",\"uuid\":\"454a07be-8f21-11e9-818b-5cb9019b3cb0\",\"hostip\":\"172.21.0.14\",\"guid\":\"14f7981c-48f3-4d58-846e-fb2c86e9c7e2\",\"appid\":1256953985,\"user_name\":\"bin\",\"groups\":\"bin\",\"account_create_time\":\"1970-01-01T08:00:00+08:00\",\"last_login_time\":\"1970-01-01T08:00:00+08:00\",\"shell_path\":\"/sbin/nologin\",\"is_login_account\":0,\"is_hidden_account\":0,\"is_without_pwd\":1,\"account_privilege\":1,\"platform\":4,\"status\":0}},{\"_index\":\"userlog-1256299843-asset_account-202026\",\"_type\":\"_doc\",\"_id\":\"aMgsunMBuMj9w9DkMwS-\",\"_score\":1.0,\"_source\":{\"id\":12900000007110,\"create_time\":\"2020-07-02T09:18:45+08:00\",\"modify_time\":\"2020-07-02T09:18:45+08:00\",\"uuid\":\"454a07be-8f21-11e9-818b-5cb9019b3cb0\",\"hostip\":\"172.21.0.14\",\"guid\":\"14f7981c-48f3-4d58-846e-fb2c86e9c7e2\",\"appid\":1256953985,\"user_name\":\"daemon\",\"groups\":\"daemon\",\"account_create_time\":\"1970-01-01T08:00:00+08:00\",\"last_login_time\":\"1970-01-01T08:00:00+08:00\",\"shell_path\":\"/sbin/nologin\",\"is_login_account\":0,\"is_hidden_account\":0,\"is_without_pwd\":1,\"account_privilege\":1,\"platform\":4,\"status\":0}}]}}",
"RequestId": "e4ee7f6c-a036-43e7-b98f-96f174827fea"
}
}5. 开发者资源
腾讯云 API 平台
腾讯云 API 平台 是综合 API 文档、错误码、API Explorer 及 SDK 等资源的统一查询平台,方便您从同一入口查询及使用腾讯云提供的所有 API 服务。
API Inspector
用户可通过 API Inspector 查看控制台每一步操作关联的 API 调用情况,并自动生成各语言版本的 API 代码,也可前往 API Explorer 进行在线调试。
SDK
云 API 3.0 提供了配套的开发工具集(SDK),支持多种编程语言,能更方便的调用 API。
- Tencent Cloud SDK 3.0 for Python: GitHub Gitee
- Tencent Cloud SDK 3.0 for Java: GitHub Gitee
- Tencent Cloud SDK 3.0 for PHP: GitHub Gitee
- Tencent Cloud SDK 3.0 for Go: GitHub Gitee
- Tencent Cloud SDK 3.0 for Node.js: GitHub Gitee
- Tencent Cloud SDK 3.0 for .NET: GitHub Gitee
- Tencent Cloud SDK 3.0 for C++: GitHub Gitee
- Tencent Cloud SDK 3.0 for Ruby: GitHub Gitee
命令行工具
6. 错误码
以下仅列出了接口业务逻辑相关的错误码,其他错误码详见 公共错误码。
| 错误码 | 描述 |
|---|---|
| InternalError | 内部错误。 |
| InternalError.MainDBFail | 操作数据库失败。 |
| InvalidParameter | 参数错误。 |
