Querying Top N Statistics on Dashboard
Function
This API is used to query top N statistics on the dashboard, including the attacked domain names, attack source IP addresses, attacked URLs, attack source regions, and event distribution. This API and other APIs related to Dashboard cannot be used to query the number of requests or attacks for a custom time range. You can use them to query statistics for yesterday, today, past 3 days, past 7 days, and past 30 days only.
URI
GET /v1/{project_id}/waf/overviews/classification
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
project_id |
Yes |
String |
Project ID. To query the project ID, go to the management console, choose My Credentials > Projects, and query the value in the Project ID column. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
enterprise_project_id |
No |
String |
Enterprise project ID. You can obtain the ID by calling the ListEnterpriseProject API of EPS. |
|
from |
Yes |
Long |
Start time (13-digit timestamp in millisecond). This parameter must be used together with to. |
|
to |
Yes |
Long |
End time (13-digit timestamp in millisecond). This parameter must be used together with from. |
|
top |
No |
Integer |
The number of top results to be returned. Maximum: 10 Minimum: 5 |
|
hosts |
No |
String |
List of the domain names to be queried. It is obtained by calling the ListHost API or the ListPremiumHost API. By default, it is left empty, and statistics on abnormal requests for all domain names is returned. To query abnormal requests for one or more domain names, configure this parameter. |
|
instances |
No |
String |
List of instances to be queried. This parameter is required only for dedicated or load-balancing WAF instances. |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
X-Auth-Token |
Yes |
String |
Tenant token |
|
Content-Type |
Yes |
String |
Content type Default: application/json;charset=utf8 |
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
domain |
DomainClassificationItem object |
Attacked domain name |
|
attack_type |
AttackTypeClassificationItem object |
Attack event distribution |
|
ip |
IpClassificationItem object |
Attacking source IP address |
|
url |
UrlClassificationItem object |
Attacked URL |
|
geo |
GeoClassificationItem object |
Source region |
|
Parameter |
Type |
Description |
|---|---|---|
|
total |
Integer |
Total number of DomainItem |
|
items |
Array of DomainItem objects |
DomainItem details |
|
Parameter |
Type |
Description |
|---|---|---|
|
key |
String |
Domain name |
|
num |
Integer |
Quantity |
|
web_tag |
String |
Website |
|
Parameter |
Type |
Description |
|---|---|---|
|
total |
Integer |
Total number of AttackTypeItem |
|
items |
Array of AttackTypeItem objects |
AttackTypeItem details |
|
Parameter |
Type |
Description |
|---|---|---|
|
total |
Integer |
Total number of IpItem |
|
items |
Array of IpItem objects |
IpItem Details |
|
Parameter |
Type |
Description |
|---|---|---|
|
total |
Integer |
Total number of UrlItem |
|
items |
Array of UrlItem objects |
UrlItem Details |
|
Parameter |
Type |
Description |
|---|---|---|
|
key |
String |
Path |
|
num |
Integer |
Quantity |
|
host |
String |
Domain name |
|
Parameter |
Type |
Description |
|---|---|---|
|
total |
Integer |
Total number of GeoItem |
|
items |
Array of GeoItem objects |
GeoItem details |
Status code: 400
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error Code |
|
error_msg |
String |
Error Messages |
Status code: 401
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error Code |
|
error_msg |
String |
Error Messages |
Status code: 500
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error Code |
|
error_msg |
String |
Error Messages |
Example Requests
GET https://{Endpoint}/v1/{project_id}/waf/overviews/classification?enterprise_project_id=0&from=1652889600354&to=1655435681354&top=10&hosts=1bac09440a814aa98ed08302c580a48b&hosts=5a532f83a2fb476ba51ca1de7b1ebc43
Example Responses
Status code: 200
Request succeeded.
{
"attack_type" : {
"total" : 1,
"items" : [ {
"key" : "custom_custom",
"num" : 2
} ]
},
"domain" : {
"total" : 2,
"items" : [ {
"key" : "www.whitelist.com",
"num" : 2,
"web_tag" : "www.whitelist.com"
}, {
"key" : "zbx002.apayaduo.cn",
"num" : 2,
"web_tag" : ""
} ]
},
"geo" : {
"total" : 1,
"items" : [ {
"key" : "10.142.4.15",
"num" : 2
} ]
},
"ip" : {
"total" : 1,
"items" : [ {
"key" : "10.142.4.15",
"num" : 2
} ]
},
"url" : {
"total" : 1,
"items" : [ {
"key" : "/attack",
"num" : 2,
"host" : "www.whitelist.com"
} ]
}
}
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
Request succeeded. |
|
400 |
Request failed. |
|
401 |
The token does not have required permissions. |
|
500 |
Internal server error. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
