Help Center/ Edge Security/ API Reference/ API/ HTTP Statistics/ Querying Top HTTP Attacks

Updated on 2024-11-18 GMT+08:00

View PDF

Querying Top HTTP Attacks

Function

This API is used to query top HTTP attacks.

URI

GET /v1/edgesec/stat/http-attack-top

**Table 1** Query Parameters
Parameter	Mandatory	Type	Description
enterprise_project_id	No	String	Obtain the enterprise project ID by calling the ListEnterpriseProject API of Enterprise Project Management Service (EPS). The default value is 0.
domain_name	No	String	Domain name.
stat_type	Yes	String	Metric type. For example, req_num (number of requests) and bw (bandwidth). Currently, only req_num is supported.
group_by	Yes	String	Group type. Response values are collected by group type. The group type can be host (requested server domain name), sip (requested client IP address), url (requested URL), rule (customized policy type description), user-agent (user agent), method (request method), or country (location)
limit	No	Integer	This API is ued to limit the number of top users. The value cannot exceed 100. The default value is 10.
time_type	Yes	String	Time enumeration. The options are: LATEST (last 30 minutes), TODAY (today), CUSTOMIZE (customized, any integer from 1 to 30)
start_time	No	Long	Start time
end_time	No	Long	End time

Request Parameters

**Table 2** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	Tenant token

Response Parameters

Status code: 200

**Table 3** Response body parameters
Parameter	Type	Description
stat_type	String	Metric type
group_by	String	Group type
values	Array of CommonStatItem objects	Single statistical model
start_time	Long	Start time
end_time	Long	End time

**Table 4** CommonStatItem
Parameter	Type	Description
key	String	Subcategory corresponding to the request parameter group_by. For example, in the API for querying the HTTP attack distribution statistics, if group_by is action, the key can be log, block, captcha, or js_challenge. In the API for querying top HTTP attack statistics, if group_by is url, the key can be the requested URL, for example, /abc.
value	Long	Number of attack requests

Status code: 400

**Table 5** Response body parameters
Parameter	Type	Description
error_code	String	Error code
error_msg	String	Error description

Status code: 401

**Table 6** Response body parameters
Parameter	Type	Description
error_code	String	Error code
error_msg	String	Error description

Status code: 500

**Table 7** Response body parameters
Parameter	Type	Description
error_code	String	Error code
error_msg	String	Error description

Example Requests

None

Example Responses

None

Status Codes

Status Code	Description
200	Request succeeded.
400	Request failed.
401	The token does not have required permissions.
500	Internal server error.

Error Codes

See Error Codes.

Parent topic: HTTP Statistics

Previous topic: Querying the Timeline Data of HTTP Attack Statistics

Next topic: DDoS Attack Logs

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.