Top ASN of Attack Intent V2.

POST

/api/shape/bot/namespaces/{namespace}/v2/reporting/top/type/malicious/dimension/asorg/{attack_type}

const url = 'https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/shape/bot/namespaces/example/v2/reporting/top/type/malicious/dimension/asorg/example';
const options = {
  method: 'POST',
  headers: {Authorization: '<Authorization>', 'Content-Type': 'application/json'},
  body: '{"attack_type":"example","end_time":"example","filters":{"action_taken":{"actions_taken":["example"],"op":"IN"},"app_id_filter":{"app_id_strings":["example"],"op":"IN"},"application_name":{"application_names":["example"],"op":"IN"},"as_org_filter":{"as_orgs":["example"],"op":"IN"},"attack_intent_filter":{"attack_intent_strings":["example"],"op":"IN"},"automation_type_filter":{"automation_type_strings":["example"],"op":"IN"},"browser_filter":{"browser_strings":["example"],"op":"IN"},"country_filter":{"country_strings":["example"],"op":"IN"},"host_filter":{"host_strings":["example"],"op":"IN"},"inference_filter":{"inference_strings":["example"],"op":"IN"},"ip_filter":{"ips":["example"],"op":"IN"},"method_filter":{"method_strings":["example"],"op":"IN"},"os_filter":{"op":"IN","os_strings":["example"]},"referer_filter":{"op":"IN","referer_strings":["example"]},"region_filter":"US","traffic_type_filter":{"op":"IN","traffic_type_strings":["example"]},"ua_filter":{"op":"IN","ua_strings":["example"]},"uri_filter":{"op":"IN","uri_strings":["example"]}},"limit":1,"namespace":"example","start_time":"example","virtual_host":"example"}'
};

try {
  const response = await fetch(url, options);
  const data = await response.json();
  console.log(data);
} catch (error) {
  console.error(error);
}

curl --request POST \
  --url https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/shape/bot/namespaces/example/v2/reporting/top/type/malicious/dimension/asorg/example \
  --header 'Authorization: <Authorization>' \
  --header 'Content-Type: application/json' \
  --data '{ "attack_type": "example", "end_time": "example", "filters": { "action_taken": { "actions_taken": [ "example" ], "op": "IN" }, "app_id_filter": { "app_id_strings": [ "example" ], "op": "IN" }, "application_name": { "application_names": [ "example" ], "op": "IN" }, "as_org_filter": { "as_orgs": [ "example" ], "op": "IN" }, "attack_intent_filter": { "attack_intent_strings": [ "example" ], "op": "IN" }, "automation_type_filter": { "automation_type_strings": [ "example" ], "op": "IN" }, "browser_filter": { "browser_strings": [ "example" ], "op": "IN" }, "country_filter": { "country_strings": [ "example" ], "op": "IN" }, "host_filter": { "host_strings": [ "example" ], "op": "IN" }, "inference_filter": { "inference_strings": [ "example" ], "op": "IN" }, "ip_filter": { "ips": [ "example" ], "op": "IN" }, "method_filter": { "method_strings": [ "example" ], "op": "IN" }, "os_filter": { "op": "IN", "os_strings": [ "example" ] }, "referer_filter": { "op": "IN", "referer_strings": [ "example" ] }, "region_filter": "US", "traffic_type_filter": { "op": "IN", "traffic_type_strings": [ "example" ] }, "ua_filter": { "op": "IN", "ua_strings": [ "example" ] }, "uri_filter": { "op": "IN", "uri_strings": [ "example" ] } }, "limit": 1, "namespace": "example", "start_time": "example", "virtual_host": "example" }'

GET Top Malicious Bot Event by ASN of Attack Intent Type V2, with the new definition of malicious bot for sub categories feature.

Examples of this operation.

Authorizations

ApiToken

Parameters

Path Parameters

namespace

required

string

Namespace

x-required namespace is used to scope traffic overview query. Only virtual_host in given namespace will be considered.

attack_type

required

string

Attack Intent Type Optional: this is the query parameter for top source of attack types Used in TopMaliciousBotsByIPV3.

Request Body^required

application/json

Request for Top Malicious Bot Events of Sources by Attack Intent

Request for top malicious bots by attack intent.

object

attack_type

Attack Intent Type

Optional: this is the query parameter for top source of attack types Used in TopMaliciousBotsByIPV3.

string

<= 1024 characters

end_time

End time

End time of traffic overview query period Format: unix_timestamp|RFC 3339

Optional: If not specified, then the end_time will be evaluated to start_time+10m If start_time is not specified, then the end_time will be evaluated to

string

<= 1024 characters

filters

object

action_taken

object

actions_taken

Action Taken

A list of strings Required: YES.

Array<string>

<= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

app_id_filter

object

app_id_strings

App ID Strings

An unordered list of App ID strings Required: YES.

Array<string>

<= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

application_name

object

application_names

Application Name

A list of strings Required: YES.

Array<string>

<= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

as_org_filter

object

as_orgs

AS Organizations

An unordered list of as org strings Required: YES.

Array<string>

>= 1 items <= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

attack_intent_filter

object

attack_intent_strings

Attack Intent Strings

An list of strings Required: YES.

Array<string>

>= 1 items <= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

automation_type_filter

object

automation_type_strings

Automation Type Strings

An list of strings Required: YES.

Array<string>

<= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

browser_filter

object

browser_strings

Browser Strings

An list of strings Required: YES.

Array<string>

<= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

country_filter

object

country_strings

Country Strings

An list of strings Required: YES.

Array<string>

<= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

host_filter

object

host_strings

Host Strings

An list of strings Required: YES.

Array<string>

<= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

inference_filter

object

inference_strings

Inference Strings

An list of strings Required: YES.

Array<string>

<= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

ip_filter

object

ips

IP Addresses

An unordered list of IPv4 addresses Required: YES.

Array<string>

<= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

method_filter

object

method_strings

Method Strings

An list of strings Required: YES.

Array<string>

>= 1 items <= 64 items

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

os_filter

object

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

os_strings

OS Strings

An list of strings Required: YES.

Array<string>

<= 64 items

referer_filter

object

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

referer_strings

Inference Strings

An list of strings Required: YES.

Array<string>

<= 64 items

region_filter

string

default: US

Allowed values: US EU ASIA CA

traffic_type_filter

object

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

traffic_type_strings

Traffic Type Strings

An list of strings Required: YES.

Array<string>

<= 64 items

ua_filter

object

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

ua_strings

User Agent Strings

An unordered list of user agent strings Required: YES.

Array<string>

<= 64 items

uri_filter

object

string

default: IN

Allowed values: IN NOT_IN MATCHES_REGEX DOES_NOT_MATCH_REGEX INCLUDES DOES_NOT_INCLUDE STARTS_WITH ENDS_WITH

uri_strings

URI Strings

An list of strings Required: YES.

Array<string>

<= 64 items

limit

Limit

Number of top malicious bots to query Optional: if not specified, the query will include top 10 malicious bots.

integer format: int64

namespace

Namespace

Namespace is used to scope traffic overview query. Only virtual_host in given namespace will be considered. Required: YES.

string

>= 6 characters <= 1024 characters

start_time

Start time

Start time of traffic overview query period Format: unix_timestamp|RFC 3339

Optional: If not specified, then the start_time will be evaluated to end_time-10m If end_time is not specified, then the start_time will be evaluated to -10m.

string

<= 1024 characters

virtual_host

Virtual Host Name

Name of Virtual Host to scope traffic overview query Required: YES.

string

<= 1024 characters

Responses

200

A successful response.

application/json

TopMaliciousBotsAttackIntentByASOrgResponse

Response for top bad bot events by ASN of Attack Intent Types.

object

bad_bot_asn_data

Top ASN event of Attack Intent under bad bot traffic

The list of top source by ASN.

Array<object>

Malicious Bot Event of Attack Intent by ASOrg Data

object

as_org

AS Organization

Organization name.

string

<= 1024 characters

bad_bot_count

Malicious Bot Count

Number of total Malicious Bot HTTP requests.

string format: uint64

<= 1024 characters

bad_bot_percentage

Taffic Event Count Percentage

The percentage of traffic requests by as_org / total requests.

number format: double

traffic_distribution

Attack Intent Distribution

Taffic details for Attack Intent Distribution.

Array<object>

DistributionData

Distribution Data.

object

count

Count

Number of items or occurrences

string format: uint64

<= 1024 characters

name

Name

Human-readable name for the resource

string

>= 6 characters <= 1024 characters

percentage

Percentage

Percentage.

number format: double

Example^generated

{
  "bad_bot_asn_data": [
    {
      "as_org": "example",
      "bad_bot_count": "example",
      "bad_bot_percentage": 1,
      "traffic_distribution": [
        {
          "count": "example",
          "name": "example",
          "percentage": 1
        }
      ]
    }
  ]
}

401

Returned when operation is not authorized.

application/json

string format: string

Example^generated

example

403

Returned when there is no permission to access resource.

application/json

string format: string

Example^generated

example

404

Returned when resource is not found.

application/json

string format: string

Example^generated

example

409

Returned when operation on resource is conflicting with current value.

application/json

string format: string

Example^generated

example

429

Returned when operation has been rejected as it is happening too frequently.

application/json

string format: string

Example^generated

example

500

Returned when server encountered an error in processing API.

application/json

string format: string

Example^generated

example

503

Returned when service is unavailable temporarily.

application/json

string format: string

Example^generated

example

504

Returned when server timed out processing request.

application/json

string format: string

Example^generated

example

Top ASN of Attack Intent V2.

Authorizations

Parameters

Path Parameters

Request Bodyrequired

Responses

200

Examplegenerated

401

Examplegenerated

403

Examplegenerated

404

Examplegenerated

409

Examplegenerated

429

Examplegenerated

500

Examplegenerated

503

Examplegenerated

504

Examplegenerated

Request Body^required

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated