Network DDoS Attack Summary¶
Overview¶
A summary overview of an ongoing Network denial of service (DoS) attack.
Requests¶
Examples¶
GET to retrieve a single attack summary¶
Following is an example of a response to the API call for an attack of a specified ID
GET https://<BIG-IQ>/mgmt/ap/query/v1/tenants/default/reports/NetworkCorrelatedAttackDetailsSummary?$id=Network_Tier1-Yoav_StaticIP-78.olympus.f5net.com/Common/vs1_networkDos_20/03/23,14:20
Response¶
{
"kind": "ap:compose:Report",
"lastUpdateMicros": 148265824317,
"result": {
"id": "Network_Tier1-Yoav_StaticIP-78.olympus.f5net.com/Common/vs1_networkDos_20/03/23,14:20",
"alertsHistory": [
{
"id": "\u0001\u001F4¯(®\"",
"title": "DoS Attack status change",
"timestamp": 1584966600738,
"severity": "Critical"
},
{
"id": "ÏoH \u0013¾\u0012P",
"title": "DoS Attack status change",
"timestamp": 1584966540410,
"severity": "Critical"
},
{
"id": "\nZI:Xo:",
"title": "DoS Attack status change",
"timestamp": 1584966480673,
"severity": "Critical"
},
{
"id": "ÃVPröжq",
"title": "DoS Attack status change",
"timestamp": 1584966420443,
"severity": "Critical"
},
{
"id": "\t¯´=ÙÊ",
"title": "DoS Attack status change",
"timestamp": 1584966360641,
"severity": "Critical"
}
],
"severity": "Critical",
"protectedObject": "/Common/vs1",
"protectedObjectType": "Virtual Server",
"protectedObjectId": "b4e02aa0-8c58-368b-88e1-972746b586ff",
"dosProfile": "/Common/networkDos",
"attackVector": "TCP SYN flood",
"attackVectorId": "tcp-syn-flood",
"mitigation": "Blocked",
"trigger": "Volumetric, Aggregated across all SrcIP's, VS-specific attack, metric:PPS",
"protocol": "Network",
"startTime": 1584966000710,
"duration": 644597,
"status": "Active",
"allTransactionsTs": [
{
"timeMillis": 1584963300000,
"count": 0,
"allTransactions": 0.0
},
{
"timeMillis": 1584963600000,
"count": 0,
"allTransactions": 0.0
},
{
"timeMillis": 1584963900000,
"count": 0,
"allTransactions": 0.0
},
{
"timeMillis": 1584964200000,
"count": 0,
"allTransactions": 0.0
},
{
"timeMillis": 1584964500000,
"count": 0,
"allTransactions": 0.0
},
{
"timeMillis": 1584964800000,
"count": 0,
"allTransactions": 0.0
},
{
"timeMillis": 1584965100000,
"count": 0,
"allTransactions": 0.0
},
{
"timeMillis": 1584965400000,
"count": 0,
"allTransactions": 0.0
},
{
"timeMillis": 1584965700000,
"count": 0,
"allTransactions": 0.0
},
{
"timeMillis": 1584966000000,
"count": 14,
"allTransactions": 38.016666666666666
},
{
"timeMillis": 1584966300000,
"count": 20,
"allTransactions": 86.85
},
{
"timeMillis": 1584966570000,
"count": 18,
"allTransactions": 88.87407407407407
}
],
"blockedTransactionsTs": [
{
"timeMillis": 1584963300000,
"count": 0,
"blockedTransactions": 0.0
},
{
"timeMillis": 1584963600000,
"count": 0,
"blockedTransactions": 0.0
},
{
"timeMillis": 1584963900000,
"count": 0,
"blockedTransactions": 0.0
},
{
"timeMillis": 1584964200000,
"count": 0,
"blockedTransactions": 0.0
},
{
"timeMillis": 1584964500000,
"count": 0,
"blockedTransactions": 0.0
},
{
"timeMillis": 1584964800000,
"count": 0,
"blockedTransactions": 0.0
},
{
"timeMillis": 1584965100000,
"count": 0,
"blockedTransactions": 0.0
},
{
"timeMillis": 1584965400000,
"count": 0,
"blockedTransactions": 0.0
},
{
"timeMillis": 1584965700000,
"count": 0,
"blockedTransactions": 0.0
},
{
"timeMillis": 1584966000000,
"count": 7,
"blockedTransactions": 33.94
},
{
"timeMillis": 1584966300000,
"count": 10,
"blockedTransactions": 78.86333333333333
},
{
"timeMillis": 1584966570000,
"count": 9,
"blockedTransactions": 80.85555555555555
}
],
"currAllTransactions": 88.7125,
"currBlockedTransactions": 80.70833333333333,
"totalDropped": 45490
},
"requestDurationInMillis": 27
}