Malicious Traffic Overview Timeseries in Actions V2.

POST

/api/shape/bot/namespaces/{namespace}/v2/reporting/traffic/malicious/overview/timeseries/actions

const url = 'https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/shape/bot/namespaces/example/v2/reporting/traffic/malicious/overview/timeseries/actions';
const options = {
  method: 'POST',
  headers: {Authorization: '<Authorization>', 'Content-Type': 'application/json'},
  body: '{"category":"example","end_time":"example","filters":{"action_taken":{"actions_taken":["example"],"op":"IN"},"app_id_filter":{"app_id_strings":["example"],"op":"IN"},"application_name":{"application_names":["example"],"op":"IN"},"as_org_filter":{"as_orgs":["example"],"op":"IN"},"attack_intent_filter":{"attack_intent_strings":["example"],"op":"IN"},"automation_type_filter":{"automation_type_strings":["example"],"op":"IN"},"browser_filter":{"browser_strings":["example"],"op":"IN"},"country_filter":{"country_strings":["example"],"op":"IN"},"host_filter":{"host_strings":["example"],"op":"IN"},"inference_filter":{"inference_strings":["example"],"op":"IN"},"ip_filter":{"ips":["example"],"op":"IN"},"method_filter":{"method_strings":["example"],"op":"IN"},"os_filter":{"op":"IN","os_strings":["example"]},"referer_filter":{"op":"IN","referer_strings":["example"]},"region_filter":"US","traffic_type_filter":{"op":"IN","traffic_type_strings":["example"]},"ua_filter":{"op":"IN","ua_strings":["example"]},"uri_filter":{"op":"IN","uri_strings":["example"]}},"namespace":"example","start_time":"example","use_raw_data":true,"virtual_host":"example"}'
};

try {
  const response = await fetch(url, options);
  const data = await response.json();
  console.log(data);
} catch (error) {
  console.error(error);
}

curl --request POST \
  --url https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/shape/bot/namespaces/example/v2/reporting/traffic/malicious/overview/timeseries/actions \
  --header 'Authorization: <Authorization>' \
  --header 'Content-Type: application/json' \
  --data '{ "category": "example", "end_time": "example", "filters": { "action_taken": { "actions_taken": [ "example" ], "op": "IN" }, "app_id_filter": { "app_id_strings": [ "example" ], "op": "IN" }, "application_name": { "application_names": [ "example" ], "op": "IN" }, "as_org_filter": { "as_orgs": [ "example" ], "op": "IN" }, "attack_intent_filter": { "attack_intent_strings": [ "example" ], "op": "IN" }, "automation_type_filter": { "automation_type_strings": [ "example" ], "op": "IN" }, "browser_filter": { "browser_strings": [ "example" ], "op": "IN" }, "country_filter": { "country_strings": [ "example" ], "op": "IN" }, "host_filter": { "host_strings": [ "example" ], "op": "IN" }, "inference_filter": { "inference_strings": [ "example" ], "op": "IN" }, "ip_filter": { "ips": [ "example" ], "op": "IN" }, "method_filter": { "method_strings": [ "example" ], "op": "IN" }, "os_filter": { "op": "IN", "os_strings": [ "example" ] }, "referer_filter": { "op": "IN", "referer_strings": [ "example" ] }, "region_filter": "US", "traffic_type_filter": { "op": "IN", "traffic_type_strings": [ "example" ] }, "ua_filter": { "op": "IN", "ua_strings": [ "example" ] }, "uri_filter": { "op": "IN", "uri_strings": [ "example" ] } }, "namespace": "example", "start_time": "example", "use_raw_data": true, "virtual_host": "example" }'

GET Malicious Traffic Overview Timeseries in Actions GET the malicious traffic action details like Blocked, Challenged, Flagged, Redirected, Transformed, Undefined, etc. Over a chosen period. It can cater to the need to support dynamic malicious traffic action types, unlike supporting fixed action types in v1.

Examples of this operation.

Authorizations

ApiToken

Parameters

Path Parameters

namespace

required

string

Namespace

x-required namespace is used to scope the query. Only virtual_host in given namespace will be considered.

Request Body^required

application/json

TrafficOverviewRequest

Request for Shape Bot Defense traffic overview.

object

category

Category

Endpoint category label.

string

<= 1024 characters

end_time

End time

End time of the query period Format: unix_timestamp|RFC 3339

Optional: If not specified, then the end_time will be evaluated to start_time+10m If start_time is not specified, then the end_time will be evaluated to

string

<= 1024 characters

filters

object

action_taken

object

actions_taken

Action Taken

A list of strings Required: YES.

Array<string>

<= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

app_id_filter

object

app_id_strings

App ID Strings

An unordered list of App ID strings Required: YES.

Array<string>

<= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

application_name

object

application_names

Application Name

A list of strings Required: YES.

Array<string>

<= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

as_org_filter

object

as_orgs

AS Organizations

An unordered list of as org strings Required: YES.

Array<string>

>= 1 items <= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

attack_intent_filter

object

attack_intent_strings

Attack Intent Strings

An list of strings Required: YES.

Array<string>

>= 1 items <= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

automation_type_filter

object

automation_type_strings

Automation Type Strings

An list of strings Required: YES.

Array<string>

<= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

browser_filter

object

browser_strings

Browser Strings

An list of strings Required: YES.

Array<string>

<= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

country_filter

object

country_strings

Country Strings

An list of strings Required: YES.

Array<string>

<= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

host_filter

object

host_strings

Host Strings

An list of strings Required: YES.

Array<string>

<= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

inference_filter

object

inference_strings

Inference Strings

An list of strings Required: YES.

Array<string>

<= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

ip_filter

object

ips

IP Addresses

An unordered list of IPv4 addresses Required: YES.

Array<string>

<= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

method_filter

object

method_strings

Method Strings

An list of strings Required: YES.

Array<string>

>= 1 items <= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

os_filter

object

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

os_strings

OS Strings

An list of strings Required: YES.

Array<string>

<= 64 items

referer_filter

object

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

referer_strings

Inference Strings

An list of strings Required: YES.

Array<string>

<= 64 items

region_filter

string

default: US

Allowed values: US EU ASIA CA

traffic_type_filter

object

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

traffic_type_strings

Traffic Type Strings

An list of strings Required: YES.

Array<string>

<= 64 items

ua_filter

object

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

ua_strings

User Agent Strings

An unordered list of user agent strings Required: YES.

Array<string>

<= 64 items

uri_filter

object

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

uri_strings

URI Strings

An list of strings Required: YES.

Array<string>

<= 64 items

namespace

Namespace

Namespace is used to scope the query. Only virtual_host in given namespace will be considered. Required: YES.

string

>= 6 characters <= 1024 characters

start_time

Start time

Start time of the query period Format: unix_timestamp|RFC 3339

Optional: If not specified, then the start_time will be evaluated to end_time-10m If end_time is not specified, then the start_time will be evaluated to -10m.

string

<= 1024 characters

use_raw_data

Use raw data

Optional: by default is false. If use_raw_data = True and referer filter is set, then backend will query raw data.

boolean format: boolean

virtual_host

Virtual Host Name

Name of Virtual Host to scope the query Required: YES.

string

<= 1024 characters

Responses

200

A successful response.

application/json

Malicious Traffic Timeseries in Actions Response V2

Response that contains Shape Bot Defense traffic overview timeseries in actions value.

object

values

Malicious Traffic in Actions Timeseries Values

Maclicious Traffic Overview Timeseries in Actions

Required: YES.

Array<object>

<= 32 items

MaliciousTrafficOverviewTimeseriesActionsV2

Shape Bot Defense malicious traffic overview timeseries in actions value.

object

name

Name

The name of the Traffic Type.

string

>= 6 characters <= 1024 characters

time_series

Timeseries Values

Time Series data for each Malicious Traffic Action type.

Array<object>

Time Series Data

Time Series Data.

object

count

Count

Number of items or occurrences

string format: uint64

<= 1024 characters

percentage

Percentage

Percentage.

number format: double

timestamp

Timestamp

UTC timestamp in seconds.

number format: double

Example^generated

{
  "values": [
    {
      "name": "example",
      "time_series": [
        {
          "count": "example",
          "percentage": 1,
          "timestamp": 1
        }
      ]
    }
  ]
}

401

Returned when operation is not authorized.

application/json

string format: string

Example^generated

example

403

Returned when there is no permission to access resource.

application/json

string format: string

Example^generated

example

404

Returned when resource is not found.

application/json

string format: string

Example^generated

example

409

Returned when operation on resource is conflicting with current value.

application/json

string format: string

Example^generated

example

429

Returned when operation has been rejected as it is happening too frequently.

application/json

string format: string

Example^generated

example

500

Returned when server encountered an error in processing API.

application/json

string format: string

Example^generated

example

503

Returned when service is unavailable temporarily.

application/json

string format: string

Example^generated

example

504

Returned when server timed out processing request.

application/json

string format: string

Example^generated

example

Malicious Traffic Overview Timeseries in Actions V2.

Authorizations

Parameters

Path Parameters

Request Bodyrequired

Responses

200

Examplegenerated

401

Examplegenerated

403

Examplegenerated

404

Examplegenerated

409

Examplegenerated

429

Examplegenerated

500

Examplegenerated

503

Examplegenerated

504

Examplegenerated

Request Body^required

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated