Page created: 12 May 2021
|
Page updated: 1 Nov 2021
ABS provides external REST APIs which are used to access JSON reports providing deep insight into the following:
- Attack Forensics and Compliance Reporting – attacks and anomalous behavior on APIs
- API Metrics – API client and traffic details
- Administrative – ABS system information
- API Security Enforcer – decoy API, blocked connections, flow control, and backend error reporting
A REST client can securely query each ABS API and receive data back in JSON format. REST client program options include using:
- Postman App for Google Chrome browser
- Java, Python, C Sharp, or similar languages.
- Java client program (for example, Jersey)
- C sharp client program (for example, RestSharp)
The diagram shows the process for a REST API client to connect to an ABS API.
ABS API query format
ABS API offers a common format with a consistent syntax for request parameters. Detailed information and format of all ABS REST APIs are included in ABS external REST APIs.
Query parameters for most APIs include:
Field | Description |
api_name
|
The API name to query for results. |
earlier_date
|
The time to check for results going back in time. For example, to check
results from 10th April, 6 PM to 14th April, 3 PM, the
earlier_date would be 10th April, 6 PM. |
later_date
|
The time to check the results back in time. For example, to check results
from 10th April, 6 PM to 14th April, 3 PM, the later_date would
be 14th April, 6 PM. |
The following access_key
and secret_key
are the keys
that were defined in the abs_init.js
file. Note that ":" (colon) is a
restricted character and cannot be used in access and secret key.
-
x-abs-ak
andx-abs-ak-ru:
access_key -
x-abs-sk
andx-abs-sk-ru:
secret_key
Note: The start and end time are based on the log file data, that is, the local time where data
was captured and not of the location where results are analyzed.