All Products
Search

This Product

    :GetOpRiskData

    Document Center

    :GetOpRiskData

    更新時間:May 16, 2024

    Queries the records that are generated on a specified date for access to the high-risk sensitive data in all the DataWorks workspaces of a tenant.

    Debugging

    OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

    Request parameters

    Parameter Type Required Example Description
    Action String Yes GetOpRiskData

    The operation that you want to perform. Set the value to GetOpRiskData.

    PageSize Integer Yes 100

    The number of entries per page. Valid values: 1 to 1000.

    PageNo Integer Yes 1

    The page number. Pages start from page 1.

    RegionId String Yes cn-shenzhen

    The region ID. For example, the ID of the China (Shanghai) region is cn-shanghai, and that of the China (Zhangjiakou) region is cn-zhangjiakou. The system determines the value of this parameter based on the endpoint that is used to call the operation.

    Name String No [ {"dbType":"hologres","instanceName":"ABC","databaseName":"abc"}, {"dbType":"ODPS.ODPS","projectName":"adbc"} ]

    The parameters that you can configure to query the access records. Valid values:

    • dbType
    • instanceName
    • databaseName
    • projectName
    • clusterName

    The following example shows the parameters configured to query the access records of the sensitive data in the abc database of the Hologres instance ABC:

    {"dbType":"hologres","instanceName":"ABC","databaseName":"abc"}

    You must configure the parameters based on the compute engine that you use in your business.

    Date String Yes 20210221

    The date on which access records were generated. Specify the value in the yyyyMMdd format.

    RiskType String No Manual identification

    The method that you use to identify risks. Valid values:

    • You can manually identify risks.
    • You can also use a sensitive data identification rule to identify risks. You can log on to the DataWorks console and go to the Risk Identification Rules page in Data Security Guard to obtain the name of the rule.

    Response parameters

    Parameter Type Example Description
    RiskData String { "opRiskDatas": [ { "riskType": "Sensitivity level dimension, EMR compute engine dimension, workspace dimension, operational data of the EMR compute engine and workspace dimensions, export method dimension, and EMR compute engine", "opTime": "2021-01-04 23:39:13", "opType": "SQL_SELECT", "opAccount": "user", "sensType": "Email address/Name/Phone number", "sql": "SELECT * FROM default.jiade_1219_test_create LIMIT 20" } ], "totalCount": 499 }

    The information about the high-risk sensitive data. The information includes totalCount and opRiskDatas.

    opRiskDatas includes the following parameters:

    • sensType: the type of the sensitive data
    • sensLevel: the sensitivity level of the sensitive data
    • opType: the type of the operation
    • sql: the SQL statement that is executed
    • opAccount: the account that is used to perform the operation
    • opTime: the time when the operation was performed
    RequestId String 0000-ABCD-EFG****

    The request ID.

    Examples

    Sample requests

    http(s)://[Endpoint]/?Action=GetOpRiskData
&PageSize=100
&PageNo=1
&Name=[ {"dbType":"hologres","instanceName":"ABC","databaseName":"abc"}, {"dbType":"ODPS.ODPS","projectName":"adbc"} ]
&Date=20210221
&RiskType=Manual identification
&<Common request parameters>

    Sample success responses

    XML format

    HTTP/1.1 200 OK
Content-Type:application/xml

<GetOpRiskDataResponse>
    <RequestId>0000-ABCD-EFG****</RequestId>
    {     "opRiskDatas": [       {         "riskType": "Sensitivity level dimension, EMR compute engine dimension, workspace dimension, operational data of the EMR compute engine and workspace dimensions, export method dimension, and EMR compute engine",         "opTime": "2021-01-04 23:39:13",         "opType": "SQL_SELECT",         "opAccount": "user",         "sensType": "Email address/Name/Phone number",         "sql": "SELECT * FROM default.jiade_1219_test_create LIMIT 20"       }     ],     "totalCount": 499   }</RiskData>
</GetOpRiskDataResponse>

    JSON format

    HTTP/1.1 200 OK
Content-Type:application/json

{
  "RequestId" : "0000-ABCD-EFG****",
  "RiskData" : "{     \"opRiskDatas\": [       {         \"riskType\": \"Sensitivity level dimension, EMR compute engine dimension, workspace dimension, operational data of the EMR compute engine and workspace dimensions, export method dimension, and EMR compute engine\",         \"opTime\": \"2021-01-04 23:39:13\",         \"opType\": \"SQL_SELECT\",         \"opAccount\": \"user\",         \"sensType\": \"Email address/Name/Phone number\",         \"sql\": \"SELECT * FROM default.jiade_1219_test_create LIMIT 20\"       }     ],     \"totalCount\": 499   }"
}

    Error codes

    HttpCode Error code Error message Description
    400 Invalid.Param The request parameter is invalid. The values specified for one or more request parameters are invalid.
    500 InternalError.DQC.BizError An internal error occurred. An internal server error occurred.
    403 Forbidden.NoTenant The tenant information cannot be obtained using user ID. The tenant information cannot be obtained.

    For a list of error codes, see Service error codes.