A root API in ASE is defined by configuring / for url variable and * for hostname variable. Following is a snippet of a truncated API JSON in ASE depicting the configuration of root API.
 "api_metadata": {
   "protocol": "http",
   "url": "/",
   "hostname": "*",
You can choose between enabling or disabling attack detection on global API by configuring root_api_attack global variable in the abs_init.js and abs_init_ldap.js file. By default attack detection is disabled on root API. Set it to true if you want to detect attacks on the root API. Configure this variable either before starting ABS, or you can use the update.sh script to update the value. For more information on update.sh script, see Update the training variables
	"attack_initial_training": "24",
	"attack_update_interval": "24",
	"url_limit": "100",
	"response_size": "100",
	"job_frequency" : "10",
	"window_length" : "24",
	"enable_ssl": true,
	"api_discovery": false,
	"discovery_initial_period" : "24",
	"discovery_subpath": "1",
	"continuous_learning": true,
	"discovery_update_interval": "1",
	"attack_list_count": "500000",
	"resource_monitor_interval" : "10",
	"percentage_diskusage_limit" : "80",
	"root_api_attack" : false,
	"session_inactivity_duration" : "30"
Training and attack detection: If the attack detection is disabled on the root API, then ABS Admin REST API displays n/a (not applicable) for training_started_at and training_duration. The prediction_mode is false.
            "api_name": "rest_api",
            "host_name": "*",
            "url": "/",
            "api_type": "regular",
            "creation_date": "Fri Apr 05 05:41:00 UTC 2019",
            "servers": 2,
            "protocol": "http",
            "cookie": "",
            "token": false,
            "training_started_at": "n/a",
            "training_duration": "n/a",
            "prediction_mode": false