PingIntelligence

API DoS and DDoS threshold

API DoS and DDoS threshold 11.

API Flow Control reports on API Security Enforcer (ASE) configured flow control thresholds that are exceeded. The reporting is done on the following parameters:

  • Client Spike – inbound client traffic rate

  • Server Spike – aggregate traffic to an application programming interface (API) service

  • Connection Queued – connection requests queued due to server at concurrent connection limit

  • Bytes-in Spike – WebSocket aggregate inbound traffic exceeds limit

  • Bytes-out Spike - WebSocket aggregate outbound traffic exceeds limit

API DoS and DDoS threshold and reporting is only available when ASE is deployed in inline mode.

For a specified API, the flow control API provides a summary of thresholds exceeded and detailed reporting on each flow control threshold exceeded:

{
 "company": "ping identity",
 "name": "api_flowcontrol",
 "description": "This report contains flow control information for the specified API",
 "earlier_date": "Thu Jan 25 18:00:00:000 2018",
 "later_date": "Fri Dec 28 18:00:00:000 2018",
 "api_name": "atm_app_private",
 "server_spike_ip_count": 0,
 "summary": {
 "client_spike": 990,
 "server_spike": 0,
 "connection_queued": 0,
 "connection_quota_exceeded": 0
 },
 "details": {
 "client_spike": [
 {
 "request_time": "Mon Jan 29 13:43:20:227 2018",
 "connection_id": "2081496566",
 "source_ip": "3.1.1.2",
 "destination_api": "/atm_app_private/get400"
 },
 {
 "request_time": "Mon Jan 29 13:43:20:228 2018",
 "connection_id": "1902346354",
 "source_ip": "3.1.1.2",
 "destination_api": "/atm_app_private/get400"
 },
 {
 "request_time": "Mon Jan 29 13:43:20:228 2018",
 "connection_id": "1999376747",
 "source_ip": "3.1.1.2",
 "destination_api": "/atm_app_private/get400"
 },
 {
 "request_time": "Mon Jan 29 13:43:20:228 2018",
 "connection_id": "2009947644",
 "source_ip": "3.1.1.2",
 "destination_api": "/atm_app_private/get400"
 },
 {
 "request_time": "Mon Jan 29 13:43:20:228 2018",
 "connection_id": "934081844",
 "source_ip": "3.1.1.2",
 "destination_api": "/atm_app_private/get400"
 },
 {
 "request_time": "Mon Jan 29 13:43:20:227 2018",
 "connection_id": "2081496566",
 "source_ip": "3.1.1.2",
 "destination_api": "/atm_app_private/get400"
 },
 {
 "request_time": "Mon Jan 29 13:43:20:228 2018",
 "connection_id": "1902346354",
 "source_ip": "3.1.1.2",
 "destination_api": "/atm_app_private/get400"
 },
 {
 "request_time": "Mon Jan 29 13:43:20:228 2018",
 "connection_id": "1999376747",
 "source_ip": "3.1.1.2",
 "destination_api": "/atm_app_private/get400"
 },
 {
 "request_time": "Mon Jan 29 13:43:20:228 2018",
 "connection_id": "2009947644",
 "source_ip": "3.1.1.2",
 "destination_api": "/atm_app_private/get400"
 },
 {
 "request_time": "Mon Jan 29 13:43:20:228 2018",
 "connection_id": "934081844",
 "source_ip": "3.1.1.2",
 "destination_api": "/atm_app_private/get400"
 }
 ],
 "server_spike": [],
 "connections_queued": [],
 "connection_quota_exceeded": []
 }
}