Cookie Forensics REST API
The Cookie Forensics API provides forensics information for a cookie during a specified period. Information provided includes attack types, metrics, and anomaly details.
Method: GET
URL: /v4/abs?later_date=<>T<hh:mm>&earlier_date=<>T<hh:mm>
&cookie=<cookie_value>
Header | Value | |
---|---|---|
Access Key |
|
|
Secret Key |
|
|
Sample response
{
"company": "ping identity",
"name": "api_abs_cookie",
"description": "This report contains a summary and detailed information
on all attacks, metrics, and anomalies for the specified cookie on
the defined API",
"earlier_date": "Mon Jan 17 06:40:00:000 2018",
"later_date": "Mon Jan 17 07:00:00:000 2018",
"api_name": "shop",
"summary": {
"total_requests": 501,
"total_anomalies": 0,
"total_ioc": 3
},
"details": {
"ioc_types": [
"data_exfiltration_attack",
"cookie_dos_attack",
"extreme_client_activity_attack"
],
"metrics": [
{
"session_id": "extreme_client_activity_500_request",
"start_time": "Mon Jan 17 06:47:19:687 2018",
"end_time": "Mon Jan 17 06:47:20:505 2018",
"total_requests": 501,
"source_ip": [
{
"ip": "100.100.10.12",
"count": 501,
"method": [
"POST",
"GET"
]
}
],
"user_agent": [
{
"user_agent": "CHROME",
"count": 501
}
],
"path_info": [
{
"path": "/shopapi/get",
"count": 500
},
{
"path": "/shopapi/login",
"count": 1
}
],
"device": [
{
"device": "LINUX",
"count": 501
}
]
}
],
"anomalies": []
}
}