Reporting active and expired client identifiers - PingIntelligence for APIs

Reporting active and expired client identifiers - PingIntelligence for APIs - 5.2

PingIntelligence

bundle

pingintelligence-52

ft:publication_title

PingIntelligence

Product_Version_ce

PingIntelligence for APIs 5.2 (Latest)

category

APISecurity

AdvancedAPICybersecurity

Capability

Environment

Product

apisecurity

capability

linux

pi-52

pingintelligence

private

ContentType_ce

API Behavioral Security (ABS ) provides an attacklist REST API with GET method to list active attacks in the system, expired attacks, and consolidated (active and expired) attacks together.

The list of detected client identifiers depends on the TTL set for the client identifiers. The attack list reports the detected client identifiers (active or expired) for the queried period. The time-period is part of the API query parameter. URL: /v4/abs/attacklist

To report active detected attacks, use the following REST API URL to report the active client identifiers: /v4/abs/attacklist?earlier_date=<>&later_date=<>&status=active

The API lists the active client identifiers for a time-period between earlier_date and later_date. PingIntelligence ASE fetches the active client identifiers list from ABS for blocking the clients.
To report expired detected attacks, use the following REST API URL to report the expired client identifiers: /v4/abs/attacklist?earlier_date=<>&later_date=<>&status=expired

The API lists the expired client identifiers for a time-period between earlier_date and later_date. The expiry of detected attacks in the system depends on the configured TTL.
To report consolidated (active and expired) detected attacks, use the following REST API URL to report the consolidated client identifiers attacks: /v4/abs/attacklist?earlier_date=<>&later_date=<>

The API lists all the client identifiers for a time-period between earlier_date and later_date.