Discovery Subpaths - PingIntelligence for APIs

Discovery Subpaths - PingIntelligence for APIs - 4.4

PingIntelligence

bundle

pingintelligence-44

ft:publication_title

PingIntelligence

Product_Version_ce

PingIntelligence for APIs 4.4

category

APISecurity

AdvancedAPICybersecurity

Capability

Environment

Product

apisecurity

capability

linux

pi-44

pingintelligence

private

ContentType_ce

Page created: 6 Nov 2020 |

Page updated: 12 May 2021

| 2 min read

4.4 Capability API Security Advanced API Cybersecurity Linux On-Premises Operating System Hosting Environment PingIntelligence for APIs Product Administration User task Configuration

Before starting API discovery, it is important to configure the subpath depth which allows the AI Engine to accurately detect the API environment. Subpath depth provides the number of sub-paths for a unique API definition. Here are examples of discovery_subpath values:

“1”, example: /atmapp is basepath for /atmapp/zipcode, /atmapp/update, etc.
“2”, example: v1/atmapp is basepath for v1/atmapp/zipcode, v1/atmapp/update, etc.
“3”, example: v1/cust1/atmapp is basepath for v1/cust1/atmapp/zipcode, etc.

The discovery_subpath parameter is configured in the abs_init.js file and defines the number of sub-paths in the basepath of the API. The default value is set to 1 and the maximum value is 6. The url_limit parameter defines the maximum number of subpaths in a discovered API. The default value is 100.

db.global_config.insert({
	"attack_initial_training": "24",
	"attack_update_interval": "24",
	"url_limit": "100",
	"response_size": "100",
	"job_frequency" : "10",
	"window_length" : "24",
	"enable_ssl": true,
	"api_discovery": false,
	"discovery_initial_period" : "1",
	"discovery_subpath": "1",
	"continuous_learning": true,
	"discovery_update_interval": "1",
	"attack_list_count": "500000",
	"resource_monitor_interval" : "10",
	"percentage_diskusage_limit" : "80",
	"root_api_attack" : false,
	"session_inactivity_duration" : "30"
});

Updating url_limit and discovery_subpath: You can update the url_limit and discovery_subpath by running the update.sh script. The update.sh script is available in the/opt/pingidentity/abs/util directory. Copy the script from the util directory to your MongoDB primary machine.

Note: After executing the script, stop and start all ABS nodes for the updated values to take effect.

Example: Change the url_limit to 50

/opt/pingidentity/mongo/update.sh -u absuser -p abs123 --url_limit 50
updating url_limit to 50
WriteResult({ "nMatched" : 1, "nUpserted" : 0, "nModified" : 1 })
The current values of the variables are:
attack_initial_training=48
attack_update_interval=24
api_discovery=false
discovery_update_interval=1
continuous_learning=true
discovery_initial_period=1
url_limit=50
response_size=100
window_length=24
discovery_subpath=3
percentage_diskusage_limit=80

You need to restart all the ABS node for your changes to take effect.

Update script help is available by logging into the MongoDB primary machine and running the following command:

/opt/pingidentity/mongo/update.sh help