PingIntelligence

ABS REST API format

ABS provides external REST APIs which are used to access JSON reports providing deep insight into the following:

  • Attack Forensics and Compliance Reporting – attacks and anomalous behavior on APIs

  • API Metrics – API client and traffic details

  • Administrative – ABS system information

  • API Security Enforcer – decoy API, blocked connections, flow control, and backend error reporting

A REST client can securely query each ABS API and receive data back in JSON format. REST client program options include using:

  • Postman App for Google Chrome browser

  • Java, Python, C Sharp, or similar languages.

  • Java client program (for example, Jersey)

  • C sharp client program (for example, RestSharp)

The diagram shows the process for a REST API client to connect to an ABS API.

qri1564009060356

ABS API query format

ABS API offers a common format with a consistent syntax for request parameters. Detailed information and format of all ABS REST APIs are included in ABS external REST APIs.

Query parameters for most APIs include
Field Description

api_name

The API name to query for results

earlier_date

The time to check for results going back in time. For example, to check results from 10th April, 6 PM to 14th April, 3 PM, the earlier_date would be 10th April, 6 PM.

later_date

The time to check the results back in time. For example, to check results from 10th April, 6 PM to 14th April, 3 PM, the later_date would be 14th April, 6 PM.

The following access_key and secret_key are the keys that were defined in the abs_init.js file. Note that ":" (colon) is a restricted character and cannot be used in access and secret key.

  • x-abs-ak and x-abs-ak-ru: access_key

  • x-abs-sk and x-abs-sk-ru: secret_key

The start and end time are based on the log file data, that is, the local time where data was captured and not of the location where results are analyzed.