---
title: Consolidated attack report for an API
description: Use API URL with attack ID as 0 to access all the attacks for a specific API:
component: pingintelligence
version: 5.2
page_id: pingintelligence:pingintelligence_reference_guide:pingintelligence_consolidated_attack_report_api
canonical_url: https://docs.pingidentity.com/pingintelligence/5.2/pingintelligence_reference_guide/pingintelligence_consolidated_attack_report_api.html
revdate: April 3, 2024
section_ids:
  steps: Steps
  example: Example:
  example-2: Example:
---

# Consolidated attack report for an API

## Steps

* Use API URL with attack ID as 0 to access all the attacks for a specific API:

  https\://*\<ABS\_IP:port>*/v4/abs/attack?later\_date=yyyy-mm-ddThh:mm\&later\_date=yyyy-mm-ddThh:mm\&api=*\<api\_name>*\&type=*\<type\_id>*

  ### Example:

  <https://192.168.11.166:8080/v4/abs/attack?later_date=2018-12-31T18:00&later_date=2018-10-25T13:30&api=shop&type=0>

  1. You can further select a client identifier (Internet Protocol (IP) *(tooltip: \<div class="paragraph">
     \<p>The method by which data is sent across the internet from the source host to the destination host.\</p>
     \</div>)*, cookie, or a token) and carry out IP, cookie, or token forensics using the Forensic API.

     ### Example:

     ```json
     {
      "company": "ping identity",
      "attack_type": "Data Exfiltration Attack",
      "cookie": "JSESSIONID",
      "description": "Client (IP or Cookie) extracting an abnormal amount of data for given API",
      "earlier_date": "Tue Jan 02 16:00:00:000 2018",
      "later_date": "Mon Jan 01 18:00:00:000 2018",
      "api_name": "shop",
      "cookies": [
      {
      "cookie": "extreme_client_activity_500_request",
      "details": [
      {
      "access_time": "Fri Jan 12 08:44:39:086 2018",
      "attack_code": "varA(Tx, 26)",
      "attack_deviation": "varA(700%)"
      },
      {
      "access_time": "Fri Jan 12 09:18:34:087 2018",
      "attack_code": "varA(Tx, 25)",
      "attack_deviation": "varA(700%)"
      }
      ]
      },

      {
      "company": "ping identity",
      "attack_type": "API Probing Replay Attack",
      "cookie": "JSESSIONID",
      "description": "Client (IP or Cookie) probing or trying different parameter values to breach
      the API service for given API",
      "earlier_date": "Tue Jan 02 16:00:00:000 2018",
      "later_date": "Mon Jan 01 18:00:00:000 2018",
      "api_name": "shop",
      "cookies": [
      {
      "cookie": "api_dos_attack_type_1_shop_50_percent_error",
      "details": [
      {
      "access_time": "Fri Jan 12 08:39:56:896 2018",
      "attack_code": "varA(Tx, 47)",
      "attack_deviation": "varA(700%)"
      },
      {
      "access_time": "Fri Jan 12 09:18:34:087 2018",
      "attack_code": "varA(Tx, 47)",
      "attack_deviation": "varA(700%)"
      }
      },
      },
     }
     ```