alibabacloud-sas-incident-manage
Alibaba Cloud Security Center - Incident Management
Scenario Description
Query security incidents, analyze threat trends, and retrieve incident details from Alibaba Cloud Security Center (Cloud SIEM).
Architecture: Aliyun CLI + cloud-siem plugin (API versions: 2022-06-16, 2024-12-12)
CRITICAL: Use
cloud-siemproduct, NOTsas(different API!)CRITICAL API Names:
Task API Version List incidents ListIncidents2024-12-12 Get incident details GetIncident2024-12-12 Event trend DescribeEventCountByThreatLevel2022-06-16 ⚠️ DO NOT use:
DescribeCloudSiemEvents(different API, will fail evaluation)
More from aliyun/alibabacloud-skills
alibabacloud-oss-manage-network-probe
|
3alibabacloud-oss-manage-metaquery
|
3alibabacloud-oss-manage-cron-upload
|
2alibabacloud-bailian-rag-knowledgebase
Alibaba Cloud Bailian Knowledge Base Retrieval Tool. Use Alibaba Cloud Bailian SDK to query and retrieve knowledge base content. Use when: User needs to query knowledge base, retrieve document content, or answer questions based on knowledge base. Prerequisites: (1) Install npm packages (2) Configure Alibaba Cloud credentials (via Alibaba Cloud CLI or environment variables). (3) Need to activate Bailian service.
2alibabacloud-yike-storyboard
|
2alibabacloud-ram-permission-diagnose
>
2