Client Security Events Metrics.
const url = 'https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/data/namespaces/example/wafs/metrics/client/security_events';const options = { method: 'POST', headers: {Authorization: '<Authorization>', 'Content-Type': 'application/json'}, body: '{"end_time":"example","group_by":["NAMESPACE"],"label_filter":[{"label":"NAMESPACE","op":"EQ","value":"example"}],"namespace":"example","range":"example","start_time":"example","step":"example"}'};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request POST \ --url https://example-corp.console.ves.volterra.io/api/v1/api/production/us-east-1/namespaces/default/api/data/namespaces/example/wafs/metrics/client/security_events \ --header 'Authorization: <Authorization>' \ --header 'Content-Type: application/json' \ --data '{ "end_time": "example", "group_by": [ "NAMESPACE" ], "label_filter": [ { "label": "NAMESPACE", "op": "EQ", "value": "example" } ], "namespace": "example", "range": "example", "start_time": "example", "step": "example" }'GET number of security events per client for a given namespace. The security events counter can be aggregated based on one or more labels listed here. NAMESPACE, APP_TYPE, VIRTUAL_HOST, SITE, SERVICE, INSTANCE, WAF_INSTANCE_ID, WAF_MODE.
Authorizations
Section titled “Authorizations”Parameters
Section titled “Parameters”Path Parameters
Section titled “Path Parameters”Namespace namespace is used to scope the WAF security events for the given namespace.
Request Bodyrequired
Section titled “Request Bodyrequired”Request to GET number of security events per client/server for a given namespace.
object
End time of metric collection from which data will be considered. Format: unix_timestamp|RFC 3339
Optional: If not specified, then the end_time will be evaluated to start_time+10m
If start_time is not specified, then the end_time will be evaluated to
Aggregate data by one or more labels listed here. NAMESPACE, APP_TYPE, VIRTUAL_HOST, SITE, SERVICE, INSTANCE, WAF_INSTANCE_ID, WAF_MODE.
Optional: If not specified, then the rule hits are aggregated/grouped by VIRTUAL_HOST.
List of label filter expressions of the form “label” Op “value”. Response will only contain data that matches all the conditions specified in the label_filter. One or more of the following labels can be specified in the label_filter. APP_TYPE, VIRTUAL_HOST, SITE, SERVICE, INSTANCE, WAF_INSTANCE_ID, WAF_MODE.
Optional: If not specified, then the metrics will be filtered only based on the namespace in the request.
Label based filtering of WAF metrics.
WAF metrics are tagged with labels mentioned in MetricLabel. Metric label filter can be specified to query specific metrics based on label match.
object
Value to be compared with.
Namespace is used to scope the WAF security events for the given namespace.
Range decides how far to go back in time to fetch values for each step. For example, if the range is 5m, then for step t1, query will be evaluated for t1-5m and for t2, query will be evaluated for t2-5m and so on. Format: [0-9][smhd], where s - seconds, m - minutes, h - hours, d - days
Note: For non-timeseries query, i.e., for step=end_time-start_time, range should be set to end_time-start_time
Optional: If not specified, range is set to 5m.
Start time of metric collection from which data will be considered. Format: unix_timestamp|RFC 3339
Optional: If not specified, then the start_time will be evaluated to end_time-10m
If end_time is not specified, then the start_time will be evaluated to
Step is the resolution width, which determines the number of the data points [x-axis (time)] to be returned in the response. The timestamps in the response will be t1=start_time, t2=t1+step, … Tn=tn-1+step, where tn <= end_time. Format: [0-9][smhd], where s - seconds, m - minutes, h - hours, d - days
Optional: If not specified, then step size is evaluated to <end_time - start_time>
Responses
Section titled “Responses”A successful response.
Number of security events for each unique combination of group_by labels in the SecurityEventsCountRequest.
object
List of security events counter data.
SecurityEventsCounter contains the timeseries data of security events counter.
object
object
AppType configured on the vhost under which this WAF instance is running.
Name of the Bot associated with the WAF rule.
Type of Bot (crawler, scanner, script)
Region from which the client’s accesses caused WAF metrics to be generated.
Namespace in which this WAF instance is running.
Service for which this WAF instance is reporting the metrics.
Site from which this WAF instance is reporting the metrics.
Virtual host under which this WAF instance is running.
WAF instance ID.
Block or AlertOnly.
List of metric values.
Metric data contains timestamp and the value.
object
Timestamp
object
Description of the method used to calculate trend.
Configuration parameter for previous value
Configuration parameter for value
Configuration parameter for value
Actual step size used in the response. It could be higher than the requested step due to metric rollups and the query duration. Format: [0-9][smhd], where s - seconds, m - minutes, h - hours, d - days.
Example
{ "data": [ { "metric": [ { "trend_value": { "sentiment": "TREND_SENTIMENT_NONE" } } ] } ]}Returned when operation is not authorized.
Examplegenerated
exampleReturned when there is no permission to access resource.
Examplegenerated
exampleReturned when resource is not found.
Examplegenerated
exampleReturned when operation on resource is conflicting with current value.
Examplegenerated
exampleReturned when operation has been rejected as it is happening too frequently.
Examplegenerated
exampleReturned when server encountered an error in processing API.
Examplegenerated
exampleReturned when service is unavailable temporarily.
Examplegenerated
exampleReturned when server timed out processing request.
Examplegenerated
example