PingIntelligence

ABS reports

API Behavioral Security (ABS) sends an email report every 24 hours at midnight, 00:00:00 (local system time).

Each report includes values for the following parameters:

  • ABS Node Status: Resource utilization of CPU, file system, and operating system

  • ASE Logs Processed: Compressed file size of ASE logs processed in 24 hours

  • Total Requests: The number of requests in the processed log files in 24 hours

  • Success: The total number of requests that received a 200 OK response

  • Total Anomalies: Total number of anomalies detected across APIs in 24 hours

  • Total IOC: Total number of attacks detected in 24 hours

  • When: The time when the email report was sent

  • Where: The ABS node that sent the email report

  • MongoDB node IP address and status

The following is a sample ABS email template:

Dear DevOps,
    Please find the daily report generated by 192.168.11.166 at 2019-Jun-25 00:02:00 UTC
===================Cluster Details=============
ASE Logs Processed: 93.78MB
Total Request: 678590
Success: 596199
Total Anomalies: 7
Total IOC: 2
When : 2019-Jun-25 00:02:00 UTC
Where: 192.168.11.166

==================Node1 ===================
Host : 192.168.11.166
OS : Red Hat Enterprise Linux Server release 7.5 (Maipo)
CPU : 24
Memory : 62G
Filesystem : 39%
===========================================

================Mongo1 ====================
Host : 192.168.11.162
Status : up
===========================================

================Mongo2 ====================
Host :  192.168.11.164
Status : up
===========================================

================Mongo3 ====================
Host :  192.168.11.1685
Status : up
===========================================

===========================================
Best,
API Behavioral Security.
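
The report body is regular enough to parse and check automatically. The following Python sketch is an added example, not part of PingIntelligence: it splits a report into its sections and lists the conditions an operator would want to see first. The function names, the 85% file system threshold, and the sample values are assumptions made for illustration.

```python
import ipaddress
import re
# Constructed sample following the template above; all values are made up.
SAMPLE_REPORT = """\
===================Cluster Details=============
Total IOC: 2
When : 2019-Jun-25 00:02:00 UTC
==================Node1 ===================
Host : 192.0.2.10
Filesystem : 91%
===========================================
================Mongo1 ====================
Host :  192.0.2.2255
Status : down
===========================================
"""

SECTION = re.compile(r"^=+\s*([A-Za-z][\w ]*?)\s*=+$")   # "====Node1 ===="
FIELD = re.compile(r"^\s*([A-Za-z][\w ]*?)\s*:\s*(.*)$")  # "Host : 192.0.2.10"

def parse_report(text):
    """Return {section name: {field: value}} for one report body."""
    sections, current = {}, None
    for line in text.splitlines():
        if m := SECTION.match(line):
            current = sections.setdefault(m.group(1), {})
        elif current is not None and (m := FIELD.match(line)):
            current[m.group(1)] = m.group(2).strip()
    return sections

def findings(sections, fs_limit=85):
    """List conditions worth a look; fs_limit (percent) is an assumed threshold."""
    out = []
    ioc = int(sections.get("Cluster Details", {}).get("Total IOC", 0))
    if ioc > 0:
        out.append(f"{ioc} IOC reported")
    for name, fields in sections.items():
        try:  # sections without a Host line fall back to a valid dummy address
            ipaddress.ip_address(fields.get("Host", "0.0.0.0"))
        except ValueError:
            out.append(f"{name}: malformed host {fields['Host']!r}")
        if fields.get("Status", "up") != "up":
            out.append(f"{name}: status {fields['Status']}")
        if int(fields.get("Filesystem", "0%").rstrip("%")) > fs_limit:
            out.append(f"{name}: filesystem at {fields['Filesystem']}")
    return out

if __name__ == "__main__":
    print("\n".join(findings(parse_report(SAMPLE_REPORT))))
```

Lines before the first section header (the greeting) and the bare separator lines are ignored, so the full email body can be passed in unchanged.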