nhncloud-security-events
Query security monitoring events from NHN Cloud.
Syntax
nhncloud-security-events [profile=PROFILE] [duration=NUM{mon|w|d|h|m|s}] [from=yyyyMMddHHmmss] [to=yyyyMMddHHmmss]
Options
- profile=PROFILE
- Optional. NHN Cloud connect profile code
- duration=NUM{mon|w|d|h|m|s}
- Optional. Scan only recent data. Use s(second), m(minute), h(hour), d(day), mon(month) time unit.
- from=yyyyMMddHHmmss
- Optional. Start time of range. yyyyMMddHHmmss format.
- to=yyyyMMddHHmmss
- Optional. End time of range. yyyyMMddHHmmss format.
Output Fields
| Field | Type | Name | Description |
|---|---|---|---|
| profile | String | Profile | e.g. myprofile |
| event_time | Date | Detected | e.g. 2021-07-11 23:36:13 |
| risk | String | Risk | e.g. LOW |
| dst_ip | IP address | Destination IP | e.g. 133.186.143.56 |
| signature | String | Signature | e.g. UDS_439_phpmyadmin_access |
| src_ip | IP address | Source IP | e.g. 89.248.168.171 |
| dst_port | Integer | Destination Port | e.g. 80 |
| src_port | Integer | Source Port | e.g. 33420 |
| direction | String | Direction | e.g. inbound |