Current DDoS Attacks on BIG-IPs¶
Overview¶
A list of BIG-IPs that are currently reporting distributed denial of service (DDoS) attacks.
REST Endpoint: /mgmt/ap/query/v1/tenants/default/reports/AttackedDevicesList¶
Requests¶
GET /mgmt/ap/query/v1/tenants/default/reports/AttackedDevicesList¶
Query Parameters¶
| Name | Type | Required | Description |
|---|---|---|---|
| $filter | string | False | Specifies a string or integer used to filter the results. You can filter based on one or more parameters. |
| $from | string | False | Specifies time to start results. The default uses the values of “-5m” for from and “now” for to, which starts from 5 minutes before the current time and ends at the current time. |
| $orderby | string | False | Specifies the sorting parameter and order to apply to results. You can sort by health, name, address, averageCpuUsage, averageMemoryUsage, throughputIn or throughputOut. The sort order can be ascending (asc) or descending (desc). The default value is “health desc”, which sorts by health in descending order. |
| $skip | number | False | Specifies the number of results in the ordered list to skip. The default value of skip is 0, meaning none are skipped and the results range from 1 to the top value. |
| $to | string | False | Specifies time to end results. The default uses the values of “-5m” for from and “now” for to, which starts from 5 minutes before the current time and ends at the current time. |
| $top | number | False | Specifies the maximum number of results in the ordered list. The default value is 10. |
Request Parameters¶
None
Response¶
HTTP/1.1 200 OK
The JSON in the response can include the following parameters.
| Name | Type | Description |
|---|---|---|
| items | object | The items returned by results. |
| activeAlerts | number | Number of alerts to the BIG-IP that are currently active. |
| address | string | The BIG-IP’s IP address. |
| averageCpuUsage | number | Average CPU usage by the BIG-IP over the past five minutes. |
| averageMemoryUsage | Double | Average memory usage by the BIG-IP over the past five minutes. |
| concurrentConnections | Double | Average number of concurrent connections to the BIG-IP over the past five minutes. |
| health | object | The BIG-IP’s current health. Possible values: “Critical”, “Moderate”, “Good” or “Other”. |
| name | string | The BIG-IP’s name. |
| newConnections | number | Average number of new connections to the BIG-IP over the past five minutes. |
| throughputIn | number | Average throughput in to the BIG-IP over the past five minutes. |
| throughputOut | number | Average throughput out of the BIG-IP over the past five minutes. |
| transactionsPerSecond | number | Average number of transactions per second over the past five minutes. |
| clusterName | string | Device’s cluster name |
| itemsPerPage | number | Number of items per page |
| pageIndex | number | Page index number for result. Page index numbers are chronological. |
| startIndex | number | Item index number for which results start. Item index numbers are chronological. |
| total | number | Total number of result items |
| totalPages | number | Number of pages in the result. |
Permissions¶
| Role | Allow |
|---|---|
| Security Manager | Yes |
| Network Security Viewer | Yes |
| Network Security Manager | Yes |
Examples¶
GET to retrieve a list of BIG-IPs currently under DoS attack¶
The following example returns the top 50 items ordered by the health state in descending order.
GET https://<BIG-IQ>/mgmt/ap/query/v1/tenants/default/reports/AttackedDevicesList?$orderby=health desc&$skip=0&$top=50
Response¶
{
"kind": "ap:compose:Report",
"lastUpdateMicros": 676542444271,
"result": {
"totalItems": 1,
"items": [{
"name": "bigip_10-241-209-66.sample.com",
"cpuUsage": 14.566326081752777,
"memoryUsage": 34.0,
"throughputIn": 8576.122222222222,
"throughputOut": 4995.7037037037035,
"concurrentConnections": 0.0,
"newConnections": 18.585185185185185,
"transactionsPerSecond": 18.585185185185185,
"health": "Good",
"activeAlerts": 4,
"address": "10.241.209.73",
"clusterName": "cluster1"
}],
"itemsPerPage": 50,
"startIndex": 0,
"totalPages": 1,
"pageIndex": 0,
"currentItemCount": 1
},
"requestDurationInMillis": 641
}