Security Events Metrics.

POST

/api/data/namespaces/{namespace}/app_security/metrics

const url = 'https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/data/namespaces/example/app_security/metrics';
const options = {
  method: 'POST',
  headers: {Authorization: '<Authorization>', 'Content-Type': 'application/json'},
  body: '{"end_time":"example","group_by":["NAMESPACE"],"label_filter":[{"label":"NAMESPACE","op":"EQ","value":"example"}],"namespace":"example","start_time":"example","step":"example"}'
};

try {
  const response = await fetch(url, options);
  const data = await response.json();
  console.log(data);
} catch (error) {
  console.error(error);
}

curl --request POST \
  --url https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/data/namespaces/example/app_security/metrics \
  --header 'Authorization: <Authorization>' \
  --header 'Content-Type: application/json' \
  --data '{ "end_time": "example", "group_by": [ "NAMESPACE" ], "label_filter": [ { "label": "NAMESPACE", "op": "EQ", "value": "example" } ], "namespace": "example", "start_time": "example", "step": "example" }'

GET the number of security events for a given namespace. Security events can be aggregated across multiple dimensions like VIRTUAL_HOST, SITE, SEC_EVENT_TYPE, etc.,.

Examples of this operation.

Authorizations

ApiToken

Parameters

Path Parameters

namespace

required

string

Namespace namespace is used to scope the security events for the given namespace.

Request Body^required

application/json

SecurityEventsCountRequest

Request to GET number of security events for a given namespace.

object

end_time

End time

End time of metric collection from which data will be considered. Format: unix_timestamp|RFC 3339

Optional: If not specified, then the end_time will be evaluated to start_time+10m If start_time is not specified, then the end_time will be evaluated to

string

<= 1024 characters

group_by

Group by

Aggregate data by one or more labels listed here. NAMESPACE, VIRTUAL_HOST, SRC_SITE, SRC_INSTANCE, SEC_EVENT_TYPE.

Optional: If not specified, then the security events are aggregated/grouped by VIRTUAL_HOST, SEC_EVENT_TYPE.

Array<string>

Allowed values: NAMESPACE VH_NAME SEC_EVENT_TYPE SRC_SITE SRC_INSTANCE

label_filter

Label Filter

List of label filter expressions of the form “label” Op “value”. Response will only contain data that matches all the conditions specified in the label_filter. One or more of the following labels can be specified in the label_filter. VIRTUAL_HOST, SRC_SITE, SRC_INSTANCE, SEC_EVENT_TYPE.

Optional: If not specified, then the metrics will be filtered only based on the namespace in the request.

Array<object>

Label based filtering for Security Events metrics.

Security Events metrics are tagged with labels mentioned in MetricLabel. Metric label filter can be specified to query specific metrics based on label match.

object

label

string

default: NAMESPACE

Allowed values: NAMESPACE VH_NAME SEC_EVENT_TYPE SRC_SITE SRC_INSTANCE

string

default: EQ

Allowed values: EQ NEQ

value

Value

Value to be compared with.

string

>= 3 characters <= 1024 characters

namespace

Namespace

Namespace is used to scope the security events for the given namespace.

string

>= 6 characters <= 1024 characters

start_time

Start time

Start time of metric collection from which data will be considered. Format: unix_timestamp|RFC 3339

Optional: If not specified, then the start_time will be evaluated to end_time-10m If end_time is not specified, then the start_time will be evaluated to -10m.

string

<= 1024 characters

step

Step

Step is the resolution width, which determines the number of the data points [x-axis (time)] to be returned in the response. The timestamps in the response will be t1=start_time, t2=t1+step, … Tn=tn-1+step, where tn <= end_time. Format: [0-9][smhd], where s - seconds, m - minutes, h - hours, d - days

Optional: If not specified, then step size is evaluated to <end_time - start_time>

string

<= 1024 characters

Responses

200

A successful response.

application/json

SecurityEventsCountResponse

Number of security events for each unique combination of group_by labels in the SecurityEventsCountRequest.

object

data

Security events counter data

List of security events counter data.

Array<object>

Security Events Counter

SecurityEventsCounter contains the timeseries data of security events counter.

object

namespace

Namespace

Namespace for which the security event was generated.

string

>= 6 characters <= 1024 characters

sec_event_type

Security Event Type

Event or occurrence data

string

<= 1024 characters

src_instance

Source Instance

Instance or deployment identifier

string

<= 1024 characters

src_site

Source Site

Site or location identifier

string

<= 1024 characters

vh_name

Virtual Host

Human-readable name for the resource

string

<= 1024 characters

metric

Metric Values

List of metric values.

Array<object>

Metric Value

Value returned for a Security Events Metrics query.

object

timestamp

Timestamp

Timestamp

number format: double

value

Value

Configuration parameter for value

string

>= 3 characters <= 1024 characters

step

step

Actual step size used in the response. It could be higher than the requested step due to metric rollups and the query duration. Format: [0-9][smhd], where s - seconds, m - minutes, h - hours, d - days.

string

<= 1024 characters

Example^generated

{
  "data": [
    {
      "id": {
        "namespace": "example",
        "sec_event_type": "example",
        "src_instance": "example",
        "src_site": "example",
        "vh_name": "example"
      },
      "metric": [
        {
          "timestamp": 1,
          "value": "example"
        }
      ]
    }
  ],
  "step": "example"
}

401

Returned when operation is not authorized.

application/json

string format: string

Example^generated

example

403

Returned when there is no permission to access resource.

application/json

string format: string

Example^generated

example

404

Returned when resource is not found.

application/json

string format: string

Example^generated

example

409

Returned when operation on resource is conflicting with current value.

application/json

string format: string

Example^generated

example

429

Returned when operation has been rejected as it is happening too frequently.

application/json

string format: string

Example^generated

example

500

Returned when server encountered an error in processing API.

application/json

string format: string

Example^generated

example

503

Returned when service is unavailable temporarily.

application/json

string format: string

Example^generated

example

504

Returned when server timed out processing request.

application/json

string format: string

Example^generated

example

Security Events Metrics.

Authorizations

Parameters

Path Parameters

Request Bodyrequired

Responses

200

Examplegenerated

401

Examplegenerated

403

Examplegenerated

404

Examplegenerated

409

Examplegenerated

429

Examplegenerated

500

Examplegenerated

503

Examplegenerated

504

Examplegenerated

Request Body^required

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated

Example^generated