PingIntelligence

Reporting active and expired client identifiers

API Behavioral Security (ABS ) provides an attacklist REST API with GET method to list active attacks in the system, expired attacks, and consolidated (active and expired) attacks together.

About this task

The list of detected client identifiers depends on the TTL set for the client identifiers. The attack list reports the detected client identifiers (active or expired) for the queried period. The time-period is part of the API query parameter. URL: /v4/abs/attacklist

Steps

  • To report active detected attacks, use the following REST API URL to report the active client identifiers: /v4/abs/attacklist?earlier_date=<>&later_date=<>&status=active

    The API lists the active client identifiers for a time-period between earlier_date and later_date. PingIntelligence ASE fetches the active client identifiers list from ABS for blocking the clients.

  • To report expired detected attacks, use the following REST API URL to report the expired client identifiers: /v4/abs/attacklist?earlier_date=<>&later_date=<>&status=expired

    The API lists the expired client identifiers for a time-period between earlier_date and later_date. The expiry of detected attacks in the system depends on the configured TTL.

  • To report consolidated (active and expired) detected attacks, use the following REST API URL to report the consolidated client identifiers attacks: /v4/abs/attacklist?earlier_date=<>&later_date=<>

    The API lists all the client identifiers for a time-period between earlier_date and later_date.