Dashboard
Dashboard
Overview
Application Protection Dashboard API.
Version information
Version : 1.0.0.BETA
License information
Terms of service : https://www.nexusguard.com/
URI scheme
Host : api.nexusguard.com
BasePath : /api
Schemes : HTTPS
Paths
Get Application DDoS event top traffic patterns.
GET /spe/ap/customer/{customer_id}/dashboard/ddos/event/{event_id}/top_traffic_patterns
Description
Retrieve Application DDoS event top 100 traffic patterns.
Parameters
| Type | Name | Description | Schema |
|---|---|---|---|
| Path | customer_id required |
Unique identifier of a customer. Can be obtained by invoking this API. | string |
| Path | event_id required |
Unique identifier of a Event. | string |
| Query | access_token required |
Access token used to authenticate your access to the API. | string |
| Query | sort_type optional |
Sort by unit.must be one of average,max,total. | string |
| Query | unit optional |
Sort by unit.must be one of bps,pps. | string |
Responses
| HTTP Code | Description | Schema |
|---|---|---|
| 200 | Response when the API is successfully invoked. | Response 200 |
| Name | Description | Schema |
|---|---|---|
| code optional |
Error code | integer |
| msg optional |
Error message | string |
| result optional |
Top 100 traffic patterns. | result |
| Name | Description | Schema |
|---|---|---|
| asn optional |
AS Number. | string |
| average optional |
Average traffic of the pattern. | string |
| cidr optional |
CIDR of the event pattern. | string |
| dest_port optional |
Destination port of the pattern. | string |
| max optional |
Max traffic of the pattern. | max |
| protocol optional |
Protocol of the pattern. | string |
| router optional |
Router name. | string |
| src_port optional |
Source port of the pattern. | string |
| total optional |
Total traffic of the pattern. | total |
| Name | Schema |
|---|---|
| bps optional |
string |
| pps optional |
string |
| Name | Schema |
|---|---|
| byte optional |
string |
| packet optional |
string |
Consumes
application/json
Produces
application/json
Security
| Type | Name |
|---|---|
| apiKey | ApiKeyAuth |
Get historical DDoS events by specifying timestamps.
GET /spe/ap/customer/{customer_id}/dashboard/ddos_events
Description
Retrieve historical DDoS events by selecting the time range.
Parameters
| Type | Name | Description | Schema |
|---|---|---|---|
| Path | customer_id required |
Unique identifier of a customer. Can be obtained by invoking this API. | string |
| Query | access_token required |
Access token used to authenticate your access to the API. | string |
| Query | attack_type required |
DDOS event type ,mixed or application . | enum (application, mixed) |
| Query | end_time optional |
year-month-day hour:minute:second’,eg: ‘2021-06-01 20:10:00’ The end time of the event. It can be blank, meaning the event is ongoing. | string |
| Query | num optional |
The page parameter. The default value of requesting the counts of index from the first index is 20.The max value of requesting the counts of index from the first index is 50. | integer |
| Query | site_id optional |
Unique identifier of a site. Can be obtained by invoking this API for Application Protection sites. | string |
| Query | start optional |
The default value of the first index of the page parameter value is 0. | integer |
| Query | start_time required |
The start time of the event. Format: ‘year-month-day hour:minute:second’,eg: ‘2021-06-01 20:10:00’. | string |
| Query | timezone_offset optional |
Millisecond is the unit of timezone offset. The default value is 0. | integer |
Responses
| HTTP Code | Description | Schema |
|---|---|---|
| 200 | Response when the API is successfully invoked. | Response 200 |
| Name | Description | Schema |
|---|---|---|
| code optional |
Error code | integer |
| msg optional |
Error message | string |
| result optional |
Historical DDoS event list. | result |
| Name | Description | Schema |
|---|---|---|
| events optional |
events | |
| total optional |
Total no. of alarms in the query range. | integer |
| Name | Description | Schema |
|---|---|---|
| application_ddos_events optional |
Events items which attack_type is ‘application’.Get items from this field when attack_type is ‘application’ | < ApplicationDDOSEvent > array |
| attack_type optional |
Attack type,value is one of ‘mixed’ or ‘application’ | string |
| mixed_ddos_events optional |
Events items which attack_type is ‘mixed’.Get items from this field when attack_type is ‘mixed’ | < MixedDDOSEvent > array |
Consumes
application/json
Produces
application/json
Security
| Type | Name |
|---|---|
| apiKey | ApiKeyAuth |
Download event logs from WAF dashboard.
GET /spe/ap/customer/{customer_id}/dashboard/waf/event/{event_id}/download
Description
Download event logs from WAF dashboard. After implementing the query, it jumps to the page to download the document.
Parameters
| Type | Name | Description | Schema |
|---|---|---|---|
| Path | customer_id required |
Unique identifier of a customer. Can be obtained by invoking this API. | string |
| Path | event_id required |
the unique identity of the attack event. | string |
| Query | access_token required |
Access token used to authenticate your access to the API. | string |
Responses
| HTTP Code | Description | Schema |
|---|---|---|
| 200 | OK | file |
Consumes
application/octet-stream
Produces
application/json
Security
| Type | Name |
|---|---|
| apiKey | ApiKeyAuth |
Get the list of event logs from the WAF dashboard.
GET /spe/ap/customer/{customer_id}/dashboard/waf/event/{event_id}/log
Description
Get the list of the event logs from WAF dashboard, based on the event ID.
Parameters
| Type | Name | Description | Schema |
|---|---|---|---|
| Path | customer_id required |
Unique identifier of a customer. Can be obtained by invoking this API. | string |
| Path | event_id required |
Unique identifier of a event. | string |
| Query | access_token required |
Access token used to authenticate your access to the API. | string |
| Query | end_time optional |
The end time of the event time range.Default value is one day after the start time. | integer |
| Query | num optional |
The page parameter. The default number of the page parameter from the first index value is 20.The max number of the page parameter from the first index value is 50. | integer |
| Query | start optional |
The page parameter. The default value of the page parameter from the first index is 0. | integer |
| Query | start_time optional |
The start time of the event time range.Default value is event start time. | integer |
Responses
| HTTP Code | Description | Schema |
|---|---|---|
| 200 | OK | Response 200 |
| Name | Description | Schema |
|---|---|---|
| code optional |
Error code. | integer |
| msg optional |
Error message. | string |
| result optional |
The returned result. | result |
| Name | Description | Schema |
|---|---|---|
| logs optional |
The list of the attack event logs. | logs |
| total_num optional |
The total number of the attack event log. | integer |
| Name | Description | Schema |
|---|---|---|
| _id optional |
The unique identity of the log. | string |
| action optional |
Attack action. | string |
| attack_type optional |
The attack type. | string |
| domain optional |
Domain. | string |
| domain_id optional |
Domain ID. | string |
| host optional |
Attack host. | string |
| http_method optional |
Attack pattern. | string |
| http_path optional |
Attack http path. | string |
| http_x_forwarded_for_as optional |
Http x-forwarded-for as. | string |
| http_x_forwarded_for_lat optional |
Http x-forwarded-for lat. | string |
| location optional |
Attack location. | string |
| match_content optional |
Attack match content. | string |
| match_post optional |
Attack match post. | string |
| pattern optional |
Attack pattern. | string |
| rule_id optional |
The unique identity of the protect rule. | string |
| severity optional |
Severity of the threat. | string |
| src_ip optional |
Source IP. | string |
| src_ip_cc optional |
Source IP country ISO code. | string |
| src_ip_city optional |
Source IP city. | string |
| timestamp optional |
The time of attack time. | integer |
Produces
application/json
Security
| Type | Name |
|---|---|
| apiKey | ApiKeyAuth |
Obtain top 10 countries and URL from the WAF event details of dashboard.
GET /spe/ap/customer/{customer_id}/dashboard/waf/event/{event_id}/top
Description
Obtain top 10 countries and URL from the WAF event details of dashboard, based on event ID.
Parameters
| Type | Name | Description | Schema |
|---|---|---|---|
| Path | customer_id required |
Unique identifier of a customer. Can be obtained by invoking this API. | string |
| Path | event_id required |
Unique identifier of a event. | string |
| Query | access_token required |
Access token used to authenticate your access to the API. | string |
Responses
| HTTP Code | Description | Schema |
|---|---|---|
| 200 | OK | Response 200 |
| Name | Description | Schema |
|---|---|---|
| code optional |
Error code. | integer |
| msg optional |
Error message. | string |
| result optional |
The returned result. | result |
| Name | Schema |
|---|---|
| top10_country optional |
< top10_country > array |
| top10_url optional |
< top10_url > array |
| Name | Description | Schema |
|---|---|---|
| code optional |
Country code. | string |
| count optional |
The total number of attacks. | integer |
| country optional |
Countries. | string |
| latitude optional |
Latitude. | integer |
| longitude optional |
Longitude. | integer |
| percent optional |
Percentage. | number |
| Name | Description | Schema |
|---|---|---|
| count optional |
The total number of attacks. | string |
| percent optional |
Percentage. | number |
| url optional |
url | string |
Produces
application/json
Security
| Type | Name |
|---|---|
| apiKey | ApiKeyAuth |
Get clean bandwidth traffic data.
GET /spe/ap/customer/{customer_id}/site/{site_id}/overview/traffic/bandwidth/clean
Description
Get clean bandwidth traffic data.
Parameters
| Type | Name | Description | Schema |
|---|---|---|---|
| Path | customer_id required |
Unique identifier of a customer. Can be obtained by invoking this API. | string |
| Path | site_id required |
Unique identifier of a site. Can be obtained by invoking this API for Application Protection sites. | string |
| Query | access_token required |
Access token used to authenticate your access to the API. | string |
| Query | period optional |
Time span of data.Default value is ‘day’. | enum (hour, day) |
Responses
| HTTP Code | Description | Schema |
|---|---|---|
| 200 | Response sent when the API is successfully invoked. | Response 200 |
| Name | Description | Schema |
|---|---|---|
| code optional |
Error code | integer |
| msg optional |
Error message | string |
| result optional |
result |
| Name | Description | Schema |
|---|---|---|
| in optional |
in traffic data. | < in > array |
| max optional |
The max traffic. | number |
| out optional |
out traffic data. | < out > array |
| Name | Description | Schema |
|---|---|---|
| time optional |
timestamp. | number |
| value optional |
traffic. | number |
| Name | Description | Schema |
|---|---|---|
| time optional |
timestamp | number |
| value optional |
traffic | number |
Consumes
multipart/form-data
Produces
application/json
Security
| Type | Name |
|---|---|
| apiKey | ApiKeyAuth |
Get clean bandwidth traffic data.
GET /spe/ap/customer/{customer_id}/site/{site_id}/traffic/bandwidth/{bandwidth_type}
Description
Get clean bandwidth traffic data.The return result is a traffic array with timestamps.
Parameters
| Type | Name | Description | Schema |
|---|---|---|---|
| Path | bandwidth_type required |
Type of traffic data. ‘clean’ means clean traffic data, ‘raw’ means raw traffic data. | enum (clean, raw) |
| Path | customer_id required |
Unique identifier of a customer. Can be obtained by invoking this API. | string |
| Path | site_id required |
Unique identifier of a site. Can be obtained by invoking this API for Application Protection sites. | string |
| Query | access_token required |
Access token used to authenticate your access to the API. | string |
| Query | end_time required |
The end time of the time period, timestamp, seconds.When period is hour, the time interval should be greater than 1 minute and less than 2 hours; when period is day, the time interval should be greater than 1 houre and less than two days; when period is week, the time interval should be greater than 1 day and less than 7 days; when period is month, the time interval should be greater than 7 day and less than 31 days. | string |
| Query | period optional |
Time span of data.Default value is ‘hour’.When period is hour, the timestamp interval of each traffic data is 1 minute. When period is day, the timestamp interval of each traffic data is 10 minutes. When period is week or month, the time interval of traffic data is 1 hour. In the parameters, the choice of period depends on the length of the time period you want to obtain. | enum (hour, day, week, month) |
| Query | start_time required |
The start time of the time period, timestamp, seconds.When period is hour, the time interval should be greater than 1 minute and less than 2 hours; when period is day, the time interval should be greater than 1 houre and less than two days; when period is week, the time interval should be greater than 1 day and less than 7 days; when period is month, the time interval should be greater than 7 day and less than 31 days. | string |
Responses
| HTTP Code | Description | Schema |
|---|---|---|
| 200 | Response sent when the API is successfully invoked. | Response 200 |
| Name | Description | Schema |
|---|---|---|
| code optional |
Error code | integer |
| msg optional |
Error message | string |
| result optional |
result |
| Name | Description | Schema |
|---|---|---|
| in optional |
in traffic data. | < in > array |
| max optional |
The max traffic. | number |
| out optional |
out traffic data. | < out > array |
| Name | Description | Schema |
|---|---|---|
| time optional |
timestamp. | number |
| value optional |
traffic. | number |
| Name | Description | Schema |
|---|---|---|
| time optional |
timestamp | number |
| value optional |
traffic | number |
Consumes
multipart/form-data
Produces
application/json
Security
| Type | Name |
|---|---|
| apiKey | ApiKeyAuth |
Get the event list from the WAF dashboard.
GET /spe/ap/dashboard/waf/event
Description
Get the event list from the WAF dashboard which contains the list of WAF events in the specific site of the specific customer within the specific time. This can be handled by the paging.
Parameters
| Type | Name | Description | Schema |
|---|---|---|---|
| Query | access_token required |
Access token used to authenticate your access to the API. | string |
| Query | customer_id required |
Unique identifier of a customer. Can be obtained by invoking this API. | string |
| Query | end_time optional |
year-month-day hour:minute:second’,eg: ‘2021-06-01 20:10:00’ The end time of the event. It can be blank, meaning the event is ongoing. | string |
| Query | num optional |
The page parameter. The default value of requesting the counts of index from the first index is 20.The max value of requesting the counts of index from the first index is 50. | integer |
| Query | site_id required |
Unique identifier of a site. Can be obtained by invoking this API for Application Protection sites. | string |
| Query | start optional |
The default value of the first index of the page parameter value is 0. | integer |
| Query | start_time required |
The start time of the event. Format: ‘year-month-day hour:minute:second’,eg: ‘2021-06-01 20:10:00’. | string |
| Query | timezone_offset optional |
Millisecond is the unit of timezone offset. The default value is 0. | integer |
Responses
| HTTP Code | Description | Schema |
|---|---|---|
| 200 | OK | Response 200 |
| Name | Description | Schema |
|---|---|---|
| code optional |
Error code. | integer |
| msg optional |
Error message. | string |
| result optional |
The returned result. | result |
| Name | Description | Schema |
|---|---|---|
| events optional |
The list of events. | < events > array |
| total_num optional |
The total number of events. | integer |
| Name | Description | Schema |
|---|---|---|
| attack_count optional |
The attack count. | integer |
| attack_type_summary optional |
The summary of the attack type only shows the statistical data of the top 3 events. The rest of them belongs to the others. | attack_type_summary |
| customer_id optional |
Unique identifier of a customer. | string |
| customer_name optional |
The name of the customer. It will be ‘Unknow’ when customer was deleted | string |
| domain_name optional |
Name of a domain. | string |
| domain_port_id optional |
Unique identifier of the combination of a domain and a port number. | string |
| end_time optional |
he end time of the event. | string |
| event_id optional |
the unique identity of the event. | string |
| severity optional |
The severity level of attack. 0 represents the low level, 1 medium level and 2 the high level. | integer |
| site_id optional |
Unique identifier of a site. | string |
| site_name optional |
The site name. | string |
| start_time optional |
The start time of the event. | string |
| status optional |
The status of event. 0 represents ongoing, 1 stopped. | integer |
| Name | Description | Schema |
|---|---|---|
| anti_leech optional |
anti leech | anti_leech |
| coldfusion_injection optional |
coldfusion injection | coldfusion_injection |
| components_leak optional |
components leak | components_leak |
| csrf optional |
csrf | csrf |
| email_injection optional |
email injection | email_injection |
| encryption optional |
encryption | encryption |
| error_code_handing optional |
error code handing | error_code_handing |
| force_remove_header optional |
force remove header | force_remove_header |
| ldap_injection optional |
ldap injection | ldap_injection |
| oscmd optional |
os cmd | oscmd |
| others optional |
The others includes the rest of the top 3 attacks. | others |
| path_traversal optional |
path traversal | path_traversal |
| phpcode_injection optional |
php code injection | phpcode_injection |
| port_security optional |
port security | port_security |
| sensitive_leak optional |
sensitive leak | sensitive_leak |
| session_fixation optional |
session fixation | session_fixation |
| sqli optional |
sqli | sqli |
| ssi optional |
ssi | ssi |
| unvalidated_redirects optional |
unvalidated redirects | unvalidated_redirects |
| webscanner optional |
web scanner | webscanner |
| xml_injection optional |
xml injection | xml_injection |
| xss optional |
xss | xss |
| xxe_injection optional |
xxe injection | xxe_injection |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
| Name | Description | Schema |
|---|---|---|
| count optional |
The statistics of attack type. | integer |
| name optional |
The name of attack. | string |
| percent optional |
The percentage of attack type. | integer |
Produces
application/json
Security
| Type | Name |
|---|---|
| apiKey | ApiKeyAuth |
Definitions
ApplicationDDOSEvent
| Name | Description | Schema |
|---|---|---|
| alert_id optional |
Alert ID | string |
| attack_type optional |
Attack Type | string |
| challenges optional |
Challenges | integer |
| create_time optional |
Event’s create time, in 10-digit timestamp format. | integer |
| detection_threshold optional |
Detection threshold | integer |
| domain optional |
Domain | string |
| domain_port_id optional |
Domain ID | string |
| duration optional |
Duration | string |
| end_time optional |
Event’s end time, in 10-digit timestamp format. | integer |
| event_id optional |
Event ID | string |
| flow optional |
flow | |
| ifProtect optional |
If on protect | boolean |
| item optional |
Item | string |
| item_domain optional |
Item Domain | string |
| max optional |
max | |
| port optional |
Port | integer |
| protect_end_time optional |
Event’s protection start time, in 10-digit timestamp format. | integer |
| protect_start_time optional |
Event’s protection start time, in 10-digit timestamp format. | integer |
| schema optional |
Schema | string |
| severity optional |
Alert level: 1(Low); 2(High); 3(Medium); 4(Blackhole). | integer |
| severity_level optional |
Level of severity: Alert or Auto Mitigation or Auto Blackhole. | string |
| site_id optional |
Site ID | string |
| start_time optional |
Event’s start time, in 10-digit timestamp format. | integer |
| status optional |
The status of event. 0 represents stopped, 1 ongoing. | integer |
| total_dropped_traffic optional |
Total Dropped Traffic | integer |
| ua optional |
ua |
| Name | Schema |
|---|---|
| auth_request optional |
integer |
| auth_request_bytes optional |
integer |
| drop_request optional |
integer |
| drop_request_bytes optional |
integer |
| total_request optional |
integer |
| Name | Schema |
|---|---|
| collect_time optional |
integer |
| total_request optional |
integer |
| total_transaction optional |
integer |
| Name | Schema |
|---|---|
| botnet optional |
botnet |
| visitor optional |
visitor |
| Name | Schema |
|---|---|
| Other optional |
integer |
| Name | Schema |
|---|---|
| Chrome optional |
integer |
| Other optional |
integer |
MixedDDOSEvent
| Name | Description | Schema |
|---|---|---|
| alert_id optional |
Alert ID | string |
| attack_type optional |
Attack Type | string |
| duration optional |
Alert duration, measured in seconds. | string |
| end_time optional |
Alert’s end time, in 10-digit timestamp format. | integer |
| event_id optional |
Event ID | string |
| ipv6 optional |
IPv6 | integer |
| max_bps optional |
Max bps | integer |
| max_pps optional |
Max pps | integer |
| moids optional |
MO ID Array | < string > array |
| severity optional |
Alert level: 1(Low); 2(High); 3(Medium); 4(Blackhole). | integer |
| severity_level optional |
Level of severity: Alert or Auto Mitigation or Auto Blackhole. | string |
| site_id optional |
Site ID | integer |
| site_ip optional |
Site IP | string |
| site_name optional |
Site Name | string |
| start_time optional |
Alert’s start time, in 10-digit timestamp format. | integer |
| status optional |
1 means ongoing. 0 means stopped. | integer |
Security
ApiKeyAuth
Type : apiKey
Name : access_token
In : QUERY