All Products
Search
Document Center

:GetOpRiskData

最終更新日:May 16, 2024

Queries the records that are generated on a specified date for access to the high-risk sensitive data in all the DataWorks workspaces of a tenant.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes GetOpRiskData

The operation that you want to perform. Set the value to GetOpRiskData.

PageSize Integer Yes 100

The number of entries per page. Valid values: 1 to 1000.

PageNo Integer Yes 1

The page number. Pages start from page 1.

RegionId String Yes cn-shenzhen

The region ID. For example, the ID of the China (Shanghai) region is cn-shanghai, and that of the China (Zhangjiakou) region is cn-zhangjiakou. The system determines the value of this parameter based on the endpoint that is used to call the operation.

Name String No [ {"dbType":"hologres","instanceName":"ABC","databaseName":"abc"}, {"dbType":"ODPS.ODPS","projectName":"adbc"} ]

The parameters that you can configure to query the access records. Valid values:

  • dbType
  • instanceName
  • databaseName
  • projectName
  • clusterName

The following example shows the parameters configured to query the access records of the sensitive data in the abc database of the Hologres instance ABC:

{"dbType":"hologres","instanceName":"ABC","databaseName":"abc"}

You must configure the parameters based on the compute engine that you use in your business.

Date String Yes 20210221

The date on which access records were generated. Specify the value in the yyyyMMdd format.

RiskType String No Manual identification

The method that you use to identify risks. Valid values:

  • You can manually identify risks.
  • You can also use a sensitive data identification rule to identify risks. You can log on to the DataWorks console and go to the Risk Identification Rules page in Data Security Guard to obtain the name of the rule.

Response parameters

Parameter Type Example Description
RiskData String { "opRiskDatas": [ { "riskType": "Sensitivity level dimension, EMR compute engine dimension, workspace dimension, operational data of the EMR compute engine and workspace dimensions, export method dimension, and EMR compute engine", "opTime": "2021-01-04 23:39:13", "opType": "SQL_SELECT", "opAccount": "user", "sensType": "Email address/Name/Phone number", "sql": "SELECT * FROM default.jiade_1219_test_create LIMIT 20" } ], "totalCount": 499 }

The information about the high-risk sensitive data. The information includes totalCount and opRiskDatas.

opRiskDatas includes the following parameters:

  • sensType: the type of the sensitive data
  • sensLevel: the sensitivity level of the sensitive data
  • opType: the type of the operation
  • sql: the SQL statement that is executed
  • opAccount: the account that is used to perform the operation
  • opTime: the time when the operation was performed
RequestId String 0000-ABCD-EFG****

The request ID.

Examples

Sample requests

http(s)://[Endpoint]/?Action=GetOpRiskData
&PageSize=100
&PageNo=1
&Name=[ {"dbType":"hologres","instanceName":"ABC","databaseName":"abc"}, {"dbType":"ODPS.ODPS","projectName":"adbc"} ]
&Date=20210221
&RiskType=Manual identification
&<Common request parameters>

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<GetOpRiskDataResponse>
    <RequestId>0000-ABCD-EFG****</RequestId>
    {     "opRiskDatas": [       {         "riskType": "Sensitivity level dimension, EMR compute engine dimension, workspace dimension, operational data of the EMR compute engine and workspace dimensions, export method dimension, and EMR compute engine",         "opTime": "2021-01-04 23:39:13",         "opType": "SQL_SELECT",         "opAccount": "user",         "sensType": "Email address/Name/Phone number",         "sql": "SELECT * FROM default.jiade_1219_test_create LIMIT 20"       }     ],     "totalCount": 499   }</RiskData>
</GetOpRiskDataResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "RequestId" : "0000-ABCD-EFG****",
  "RiskData" : "{     \"opRiskDatas\": [       {         \"riskType\": \"Sensitivity level dimension, EMR compute engine dimension, workspace dimension, operational data of the EMR compute engine and workspace dimensions, export method dimension, and EMR compute engine\",         \"opTime\": \"2021-01-04 23:39:13\",         \"opType\": \"SQL_SELECT\",         \"opAccount\": \"user\",         \"sensType\": \"Email address/Name/Phone number\",         \"sql\": \"SELECT * FROM default.jiade_1219_test_create LIMIT 20\"       }     ],     \"totalCount\": 499   }"
}

Error codes

HttpCode Error code Error message Description
400 Invalid.Param The request parameter is invalid. The values specified for one or more request parameters are invalid.
500 InternalError.DQC.BizError An internal error occurred. An internal server error occurred.
403 Forbidden.NoTenant The tenant information cannot be obtained using user ID. The tenant information cannot be obtained.

For a list of error codes, see Service error codes.