Username Forensics REST API
The Username Forensics API provides forensics information for a username during a specified period. Information provided includes attack types, metrics, and anomaly details.
Method: GET
URL: /v4/abs?later_date=<>T<hh:mm>&earlier_date=<>T<hh:mm>
&username=<username>
Header | Value | |
---|---|---|
Access Key |
|
|
Secret Key |
|
|
Sample response
{
"company": "ping identity",
"name": "api_abs_username",
"description": "This report contains a summary and detailed information on metrics, attacks and anomalies for the specified user name across all APIs.",
"earlier_date": "Sat Jan 12 13:30:00:000 2019",
"later_date": "Tue Dec 31 18:00:00:000 2019",
"summary": {
"total_requests": 109965,
"total_attacks": 0,
"total_anomalies": 0
},
"details": {
"metrics": {
"username": "t4",
"tokens": [
"t4MFBkEe",
"t4GpEkUS",
"t4ZxUOjb",
"t4QEvJKT"
],
"total_requests": 109965,
"ip_list": [
{
"ip": "127.0.0.28",
"total_requests": 54983,
"devices": {
"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.110 Safari/537.36": 54983
},
"methods": {
"POST": 54983
},
"urls": {
"/atm_app_oauth": 54983
},
"apis": {
"atm_app_oauth": 54983
}
},
{
"ip": "127.0.0.1",
"total_requests": 54982,
"devices": {
"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.110 Safari/537.36": 54982
},
"methods": {
"POST": 54982
},
"urls": {
"/atm_app_oauth": 54982
},
"apis": {
"atm_app_oauth": 54982
}
}
]
},
"attack_types": {},
"anomaly_types": {}
}
}