PingIntelligence

Cookie Forensics REST API

The Cookie Forensics API provides forensics information for a cookie during a specified period. Information provided includes attack types, metrics, and anomaly details.

Method: GET

URL: /v4/abs?later_date=<>T<hh:mm>&earlier_date=<>T<hh:mm> &cookie=<cookie_value>

Header Value

Access Key

x-abs-ak

<string>

Secret Key

x-abs-sk

<string>

Sample response

{
 "company": "ping identity",
 "name": "api_abs_cookie",
 "description": "This report contains a summary and detailed information
  on all attacks, metrics, and anomalies for the specified cookie on
  the defined API",
 "earlier_date": "Mon Jan 17 06:40:00:000 2018",
 "later_date": "Mon Jan 17 07:00:00:000 2018",
 "api_name": "shop",
 "summary": {
 "total_requests": 501,
 "total_anomalies": 0,
 "total_ioc": 3
 },
 "details": {
 "ioc_types": [
 "data_exfiltration_attack",
 "cookie_dos_attack",
 "extreme_client_activity_attack"
 ],
 "metrics": [
 {
 "session_id": "extreme_client_activity_500_request",
 "start_time": "Mon Jan 17 06:47:19:687 2018",
 "end_time": "Mon Jan 17 06:47:20:505 2018",
 "total_requests": 501,
 "source_ip": [
 {
 "ip": "100.100.10.12",
 "count": 501,
 "method": [
 "POST",
 "GET"
 ]
 }
 ],
 "user_agent": [
 {
 "user_agent": "CHROME",
 "count": 501
 }
 ],
 "path_info": [
 {
 "path": "/shopapi/get",
 "count": 500
 },
 {
 "path": "/shopapi/login",
 "count": 1
 }
 ],
 "device": [
 {
 "device": "LINUX",
 "count": 501
 }
 ]
 }
 ],
 "anomalies": []
 }
}