analytics sip-dos report
analytics sip-dos report(1) BIG-IP TMSH Manual analytics sip-dos report(1)
NAME
report - Displays a SIP DoS analytics report.
MODULE
analytics sip-dos
SYNTAX
Show, save or send an analytics sip-dos report using the syntax shown in the following sections.
DISPLAY
show report view-by [ activity-type | application | attack-id | callee | caller | client-ip | country | country-code | dos-profile | mitigation | sip-method | sip-transaction-outcome | suspected-ip | trigger | vector | virtual | vlan ]
options:
drilldown {
{
entity [ activity-type | application | attack-id | callee | caller | client-ip | country | country-code | dos-profile | mitigation | sip-method | sip-transaction-outcome | suspected-ip | trigger | vector | virtual | vlan ]
values
{
[value ...]
}
} ...
}
field-fmt
include-total
include-others
limit [number of rows]
measures {
[measure name ...]
}
order-by {
{
measure [ measure name ]
sort-type [ asc | desc ]
} ...
}
range [date range]
SAVE
save report view-by [ activity-type | application | attack-id | callee | caller | client-ip | country | country-code | dos-profile | mitigation | sip-method | sip-transaction-outcome | suspected-ip | trigger | vector | virtual | vlan ]
options:
drilldown {
{
entity [ activity-type | application | attack-id | callee | caller | client-ip | country | country-code | dos-profile | mitigation | sip-method | sip-transaction-outcome | suspected-ip | trigger | vector | virtual | vlan ]
values
{
[value ...]
}
} ...
}
file [ file name ]
format [ csv-aggregated | csv-time-series | pdf ]
include-total
include-others
limit [number of rows]
measures {
[measure name ...]
}
order-by {
{
measure [ measure name ]
sort-type [ asc | desc ]
} ...
}
range [date range]
SEND
send-mail report view-by [ activity-type | application | attack-id | callee | caller | client-ip | country | country-code | dos-profile | mitigation | sip-method | sip-transaction-outcome | suspected-ip | trigger | vector | virtual | vlan ]
options:
drilldown {
{
entity [ activity-type | application | attack-id | callee | caller | client-ip | country | country-code | dos-profile | mitigation | sip-method | sip-transaction-outcome | suspected-ip | trigger | vector | virtual | vlan ]
values
{
[value ...]
}
} ...
}
email-addresses {
[email address ...]
}
format [ csv-aggregated | csv-time-series | pdf ]
include-total
include-others
limit [number of rows]
measures {
[measure name ...]
}
order-by {
{
measure [ measure name ]
sort-type [ asc | desc ]
} ...
}
range [date range]
smtp-config-override [ smtp configuration object name ]
DESCRIPTION
Use this command to generate SIP DoS analytics reports. You can generate a SIP DoS prevention analytics report for the
following entities:
• activity-type - Activity type.
• application - Application services (iApp).
• attack-id - DoS attack ID.
• callee - Callee.
• caller - Caller.
• client-ip - Source IP Address.
• country - Country.
• country-code - Country code.
• dos-profile - DoS profile.
• mitigation - Mitigation.
• sip-method - Method.
• sip-transaction-outcome - Transaction outcome.
• suspected-ip - Suspected IP Address.
• trigger - Trigger.
• vector - Attack vector.
• virtual - Virtual server.
• vlan - VLAN.
EXAMPLES
show analytics sip-dos report view-by attack-id
show analytics sip-dos report view-by vector drilldown { { entity method values { ACK } } }
send-mail analytics sip-dos report view-by callee limit 20 format pdf email-addresses { some.one@someaddress.com }
For more syntactical examples see manual for analytics report.
OPTIONS
device
Specifies a BIG-IP device on which to generate a report. (Enterprise Manager only)
device-list
Specifies a custom list of BIG-IP devices on which to generate a report. (Enterprise Manager only)
drilldown
Specifies specific entities that are used as a filter.
email-addresses
Specifies the list of email addresses to which the report file is sent when using the send-mail command.
file Specifies the exported file path to be saved when using the save command. The file name should be simple (not a full
path).
format
Specifies the exported file format to be saved or sent. This option must be specified when using the save or send-mail
commands.
include-others
Specifies that the grand total for the measure is displayed for all entities, except for those shown in the result.
This option must be used with the drilldown option. You can also use it along with include-others.
include-total
Specifies that a total summary row should be added to the analytics report. For average measures, the total value is
also an average.
limit
Specifies the maximum number of rows/entities in the output result set/file. The default value is 10, not including
the total row/entity. The maximum value is 1000.
measures
Specifies a list of measures that can be used with the chosen entity type. The options are:
attacks-count
The total number of attacks for the selected view-by entity.
requests-count
The total number of requests that were received by the virtual server(/s)s
requests-per-sec
The average number of requests that were received by the virtual server(/s)s
order-by
Specifies the measures and sort type (ascending or descending) that will be used to sort the final report. The value
for each measure is a previously chosen measure. The default value for sort type is desc (descending).
range
Specifies the time/date range of the analytics information that you want to display. The given results will reflect
the time range chosen here. The default value is the last hour (now--now-1h).
smtp-config-override
Specifies the SMTP configuration to use when sending reports by email. This overrides the default SMTP settings.
SEE ALSO
show, save, send-mail, tmsh, analytics, analytics report
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or mechanical, including
photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchaser's personal
use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2013, 2015, 2018. All rights reserved.
BIG-IP 2018-10-20 analytics sip-dos report(1)