PingIntelligence

IP Forensics REST API

The Internet Protocol (IP) forensics application programming interface (API) provides forensics information for an IP address during a specified period.

Information delivered includes attack types, metrics, and anomaly details.

Method: GET

URL: /v4/abs?later_date=<>T<hh:mm>&earlier_date=<>T<hh:mm>&IP=<IP_address>

Header Value

Access Key

x-abs-ak

<string>

Secret Key

x-abs-sk

<string>

Sample Response:

{
 "company": "ping identity",
 "name": "api_abs_ip",
 "description": " This report contains a summary and detailed information
  on all attacks, metrics, and anomalies for the specified IP address on
  the defined API.",
 "summary": {
 "total_requests": 18222,
 "total_ioctypes": 0,
 "total_anomalies": 0
 },
 "details": {
 "ioc_types": [],
 "metrics": {
 "no_session": [
 {
 "start_time": "Sat Jan 04 15:30:00:000 2018",
 "end_time": "Sat Jan 04 15:39:59:952 2018",
 "total_requests": 2749,
 "source_ip": "100.64.10.203",
 "path": "/atmapp/login"
 "methods": [
 "GET"
 ]
 },
 {
 "start_time": "Sat Jan 04 15:30:00:000 2018",
 "end_time": "Sat Jan 04 15:39:59:952 2018",
 "total_requests": 2952,
 "source_ip": "100.64.10.203",
 "path": "/atmapp/upload"
 },
 {
 "start_time": "Sat Jan 04 15:30:00:000 2018",
 "end_time": "Sat Jan 04 15:39:59:952 2018",
 "total_requests": 9547,
 "source_ip": "100.64.10.203",
 "path": "/atmapp/zipcode"
 },
 {
 "start_time": "Sat Jan 04 15:30:00:000 2018",
 "end_time": "Sat Jan 04 15:39:59:952 2018",
 "total_requests": 2964,
 "source_ip": "100.64.10.203",
 "path": "/atmapp/update"
 }
 ],
 "session": [
 {
 "session_id": "ZP7FE32357SPVT5X",
 "start_time": "Sat Jan 04 15:35:14:241 2018",
 "end_time": "Sat Jan 04 15:35:14:241 2018",
 "total_requests": 1,
 "source_ip": [
 {
 "ip": "100.64.10.203",
 "count": 1,
 "method": [
 "POST"
 ]
 }
 ],
 "user_agent": [
 {
 "user_agent": "IE11",
 "count": 1
 }
 ],
 "path_info": [
 {
 "path": "/atmapp/upload",
 "count": 1
 }
 ],
 "device": [
 {
 "device": "WINDOWS_7",
 "count": 1
 }
 ]
 },

 "device": [
 {
 "device": "MAC_OS_X",
 "count": 1
 }
 ]
 },

 "start_time": "Sat Jan 04 15:40:00:000 2018",
 "end_time": "Sat Jan 04 15:30:00:000 2018",
 "api_name": "atmapp"
}