IP Forensics REST API
The IP Forensics API provides forensics information for an IP address during a specified period. Information delivered includes attack types, metrics, and anomaly details.
Method: GET
URL: /v4/abs?later_date=<date>T<hh:mm>&earlier_date=<date>T<hh:mm>&IP=<IP_address>
Header | Value |
---|---|
Access Key | <your access key> |
Secret Key | <your secret key> |
Sample response
{
"company": "ping identity",
"name": "api_abs_ip",
"description": "This report contains a summary and detailed information on all attacks, metrics, and anomalies for the specified IP address on the defined API.",
"summary": {
"total_requests": 18222,
"total_ioctypes": 0,
"total_anomalies": 0
},
"details": {
"ioc_types": [],
"metrics": {
"no_session": [
{
"start_time": "Sat Jan 04 15:30:00:000 2018",
"end_time": "Sat Jan 04 15:39:59:952 2018",
"total_requests": 2749,
"source_ip": "100.64.10.203",
"path": "/atmapp/login"
"methods": [
"GET"
]
},
{
"start_time": "Sat Jan 04 15:30:00:000 2018",
"end_time": "Sat Jan 04 15:39:59:952 2018",
"total_requests": 2952,
"source_ip": "100.64.10.203",
"path": "/atmapp/upload"
},
{
"start_time": "Sat Jan 04 15:30:00:000 2018",
"end_time": "Sat Jan 04 15:39:59:952 2018",
"total_requests": 9547,
"source_ip": "100.64.10.203",
"path": "/atmapp/zipcode"
},
{
"start_time": "Sat Jan 04 15:30:00:000 2018",
"end_time": "Sat Jan 04 15:39:59:952 2018",
"total_requests": 2964,
"source_ip": "100.64.10.203",
"path": "/atmapp/update"
}
],
"session": [
{
"session_id": "ZP7FE32357SPVT5X",
"start_time": "Sat Jan 04 15:35:14:241 2018",
"end_time": "Sat Jan 04 15:35:14:241 2018",
"total_requests": 1,
"source_ip": [
{
"ip": "100.64.10.203",
"count": 1,
"method": [
"POST"
]
}
],
"user_agent": [
{
"user_agent": "IE11",
"count": 1
}
],
"path_info": [
{
"path": "/atmapp/upload",
"count": 1
}
],
"device": [
{
"device": "WINDOWS_7",
"count": 1
}
]
},
"device": [
{
"device": "MAC_OS_X",
"count": 1
}
]
},
"start_time": "Sat Jan 04 15:40:00:000 2018",
"end_time": "Sat Jan 04 15:30:00:000 2018",
"api_name": "atmapp"
}