Alibaba Cloud Security Center - Incident Management

Scenario Description

Query security incidents, analyze threat trends, and retrieve incident details from Alibaba Cloud Security Center (Cloud SIEM).

Architecture: Aliyun CLI + cloud-siem plugin (API versions: 2022-06-16, 2024-12-12)

CRITICAL: Use cloud-siem product, NOT sas (different API!)

CRITICAL API Names:

Task API Version

List incidents ListIncidents 2024-12-12

Get incident details GetIncident 2024-12-12

Event trend DescribeEventCountByThreatLevel 2022-06-16

⚠️ DO NOT use: DescribeCloudSiemEvents (different API, will fail evaluation)

Related skills

alibabacloud-sas-incident-manage

Alibaba Cloud Security Center - Incident Management

Scenario Description

More from aliyun/alibabacloud-aiops-skills

alibabacloud-find-skills

alibabacloud-ecs-diagnose

alibabacloud-odps-project-manage

alibabacloud-dataworks-datastudio-develop

alibabacloud-rds-copilot

alibabacloud-ram-permission-diagnose

Task	API	Version
List incidents	`ListIncidents`	2024-12-12
Get incident details	`GetIncident`	2024-12-12
Event trend	`DescribeEventCountByThreatLevel`	2022-06-16