GetWAFAttackEvent-Documentation

POST

https://api.cdnetworks.com/api/waf/report/query-attack-event-list

Query the key incidents of domain.

Limit of request rate per user: 300/5min
Applicable Products: Application Shield,Web Application Firewall

For API authentication details, please refer to: API Authentication Overview

Request

Body Params

Name	Description
*domains	Domain, array.
*startTime	Start time, yyyy-MM-dd HH:mm:ss.
*endTime	End time, yyyy-MM-dd HH:mm:ss.
timeZone	Time zone, GMT+8 by default.

Response

Body Params

Name	Description
code	Return 0 means success, please see <Error code> to check other status code.
message	Error message or Success.
- data	Return data.
- attackEventList	Attack events.
attackCount	Attack requests.
startTime	Start time of attack.
endTime	End time of attack.
attackType	Attack type.
ip	Attacker Ip.
attackEventType	Attack event type.
attackTypeNameEn	English name of attack type.
attackTypeName	Chinese name of attack type.
eventNameEn	English name of attack event.
eventName	Chinese name of attack event.
totalCount	Number of attack events.

Error code

Error code(code)	Description(message)	HTTP status	Semantic
22992000	ERROR_SYSTEM	200	System error.
22992001	ERROR_PARAM	200	Param invalid.
22992002	ERROR_HEADER	200	request header param error
22992003	ERROR_ZONE	200	The time zone parameter is abnormal, please start with GMT
22992004	ERROR_TIME_ZONE	200	time zone conver error

Example

JSON

Request example Copy Copy success#!/bin/bash username="example_username" # Note that this must be a single quote to avoid the special $ character apiKey='example_apiKey' date=`env LANG="en_US.UTF-8" date -u "+%a, %d %b %Y %H:%M:%S GMT"` password=`echo -en "$date" | openssl dgst -sha1 -hmac $apiKey -binary | openssl enc -base64` curl -i --url "https://api.cdnetworks.com/api/waf/report/query-attack-event-list" \ -X "POST" \ -u "$username:$password" \ -H "Date: $date" \ -H 'Accept: application/json' \ -H 'Content-Type: application/json' \ -d '{ "domains": [ "example.xxx.xxx"], "endTime": "2021-09-23 00:00:00", "startTime": "2021-09-22 00:00:00" }'

#!/bin/bash
username="example_username"
# Note that this must be a single quote to avoid the special $ character
apiKey='example_apiKey'
date=`env LANG="en_US.UTF-8" date -u "+%a, %d %b %Y %H:%M:%S GMT"`
password=`echo -en "$date" | openssl dgst -sha1 -hmac $apiKey -binary | openssl enc -base64`

curl -i --url "https://api.cdnetworks.com/api/waf/report/query-attack-event-list" \
-X "POST" \
-u "$username:$password" \
-H "Date: $date" \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{ 
  "domains": [ "example.xxx.xxx"], 
  "endTime": "2021-09-23 00:00:00", 
  "startTime": "2021-09-22 00:00:00" 
}'

Response example Copy Copy success{ "code": "0", "message": "Success", "data": { "attackEventList": [ { "attackCount": 11647, "startTime": "2021-09-22 11:28:42", "endTime": "2021-09-22 16:09:21", "attackType": "WAF_FORCE_CRACKING", "customId": "xxx", "ip": "10.8.135.149", "attackEventType": "highFrequencyAttack", "attackTypeNameEn": "Rate Limiting", "attackTypeName": "Rate Limiting", "eventNameEn": "10.8.135.149 IP launch Brute Force attacks.", "eventName": "10.8.135.149 IP launch Brute Force attacks." } ], "totalCount": 1 } }

{
  "code": "0",
  "message": "Success",
  "data": {
    "attackEventList": [
      {
        "attackCount": 11647,
        "startTime": "2021-09-22 11:28:42",
        "endTime": "2021-09-22 16:09:21",
        "attackType": "WAF_FORCE_CRACKING",
        "customId": "xxx",
        "ip": "10.8.135.149",
        "attackEventType": "highFrequencyAttack",
        "attackTypeNameEn": "Rate Limiting",
        "attackTypeName": "Rate Limiting",
        "eventNameEn": "10.8.135.149 IP launch Brute Force attacks.",
        "eventName": "10.8.135.149 IP launch Brute Force attacks."
      }
    ],
    "totalCount": 1
  }
}

Is the content of this document helpful to you?

Yes

I have suggestion

GetWAFAttackEvent

Request

Body Params

Response

Body Params

Error code

Example

Directory