DDoS Protected Objects¶
Overview¶
A list of protected virtual servers and applications.
REST Endpoint: /mgmt/ap/query/v1/tenants/default/reports/AttackedProtectedObjectsList¶
Requests¶
GET /mgmt/ap/query/v1/tenants/default/reports/AttackedProtectedObjectsList¶
Query Parameters¶
| Name | Type | Required | Description |
|---|---|---|---|
| $filter | string | False | Specifies a string or integer used to filter the results. You can filter based on one or more parameters. “attacksCount gt ‘0’” filter can be used retrieve only attacked protected objects. |
| $orderby | string | False | Specifies the sorting parameter and order to apply to results. You can sort by reportedObject, reportedObjectType, health, attacksCount, dosProfileName or deviceName. The sort order can be ascending (asc) or descending (desc). The default value is “reportedObject”. |
| $skip | number | False | Specifies the number of results in the ordered list to skip. The default value of skip is 0, meaning none are skipped and the results range from 1 to the top value. |
| $top | query option | False | Specify the maximum number of results in the ordered list. The default value is 10. |
Request Parameters¶
None
Response¶
HTTP/1.1 200 OK
| Name | Type | Description |
|---|---|---|
| items | object | The items that appear in the query. |
| reportedObject | string | The name of the protected object. |
| reportedObjectId | string | The unique identifier of the protected object. |
| reportedObjectType | string | The type of the protected object. |
| attacksCount | number | The number of attacks detected on the protected object. |
| dosProfiles | object | The DoS profiles assigned to the protected object. |
| id | string | The profile’s unique identifier. |
| link | string | The link to the profile. |
| name | string | The profile’s name. |
| partition | string | The partition assigned to the profile. |
| dosProfileName | string | The name of the first DoS profile assigned to the protected object or a profile that detected an ongoing attack. |
| health | HealthEnum | The health of the protected object. |
| mitigation | string | The mitigation The mitigation assigned to the protected object. |
| deviceName | string | The name of the device that hosts the protected object or the name of the cluster is the device is clustered. |
| itemsPerPage | long | The number of items per page. |
| pageIndex | long | The chronological page number as of which to display query results. |
| startIndex | number | Item index number for which results start. Item index numbers are chronological. |
| total | number | Total number of result items |
| totalPages | number | Number of pages in the result. |
Permissions¶
| Role | Allow |
|---|---|
| Security Manager | Yes |
| Network Security Viewer | Yes |
| Network Security Manager | Yes |
Examples¶
GET to retrieve a List of the protected objects¶
The following example returns the top 50 items ordered by the health state in descending order.
GET https://<BIG-IQ>/mgmt/ap/query/v1/tenants/default/reports/AttackedProtectedObjectsList?%$orderby=health desc&$skip=0&$top=50
Response¶
{
"kind": "ap:compose:Report",
"lastUpdateMicros": 70341365116,
"result": {
"totalItems": 10,
"items": [
{
"reportedObject": "partitionOnBIGIP_dnsApp",
"reportedObjectType": "Application Service",
"reportedObjectId": "d551add7-ea30-3081-9657-dc683682fde4",
"health": "Other",
"attacksCount": 0,
"dosProfileName": ""
},
{
"reportedObject": "dosNetworkApp2",
"reportedObjectType": "Application Service",
"reportedObjectId": "b091f34d-8eaa-3ff7-befc-a1345d0d0cb0",
"health": "Good",
"attacksCount": 2,
"mitigation": "Blocked",
"dosProfiles": [
{
"id": "4d112ff8-4b33-31b1-8c42-e530d7251747",
"name": "NetworkDosProfile_blocking_1563707938623",
"link": "https://localhost/mgmt/cm/security-shared/working-config/dos-profiles/4d112ff8-4b33-31b1-8c42-e530d7251747",
"partition": "Common"
}
],
"dosProfileName": "NetworkDosProfile_blocking_1563707938623",
"deviceName": "Tier1-Stav_StaitcIP-75.olympus.f5net.com"
},
{
"reportedObject": "httpApp4",
"reportedObjectType": "Application Service",
"reportedObjectId": "f71c546b-cf66-3fc0-a850-2120f290a8a6",
"health": "Good",
"attacksCount": 0,
"dosProfileName": ""
},
{
"reportedObject": "httpApp5",
"reportedObjectType": "Application Service",
"reportedObjectId": "c8c5d02f-fe08-361e-98bb-1646ef807ba6",
"health": "Good",
"attacksCount": 0,
"dosProfileName": ""
},
{
"reportedObject": "/Common/dosVS",
"reportedObjectType": "Virtual Server",
"reportedObjectId": "8b08e3b5-5bc9-3ce7-ba3a-7358c53202ec",
"health": "Good",
"attacksCount": 0,
"dosProfiles": [
{
"id": "a09cfa43-43e0-3506-9335-9f6a9dfbaad7",
"name": "NetworkDosProfile_transparent_1563707939116",
"link": "https://localhost/mgmt/cm/security-shared/working-config/dos-profiles/a09cfa43-43e0-3506-9335-9f6a9dfbaad7",
"partition": "Common"
}
],
"dosProfileName": "/Common/NetworkDosProfile_transparent_1563707939116",
"deviceName": "Tier1-Stav_StaitcIP-75.olympus.f5net.com"
},
{
"reportedObject": "/Common/dnsListener1",
"reportedObjectType": "Virtual Server",
"reportedObjectId": "00236f77-267e-334e-9c83-62fe61bf54cb",
"health": "Good",
"attacksCount": 0,
"dosProfileName": "",
"deviceName": "Tier1-Stav_StaitcIP-75.olympus.f5net.com"
},
{
"reportedObject": "/Common/dnsVs1",
"reportedObjectType": "Virtual Server",
"reportedObjectId": "0c887ab5-3570-388a-9fa3-f4f129fa26da",
"health": "Good",
"attacksCount": 0,
"dosProfileName": "",
"deviceName": "Tier1-Stav_StaitcIP-75.olympus.f5net.com"
},
{
"reportedObject": "httpApp",
"reportedObjectType": "Application Service",
"reportedObjectId": "01a092c7-f2a2-34b4-ae51-3ed44e8860a8",
"health": "Good",
"attacksCount": 0,
"dosProfileName": ""
},
{
"reportedObject": "partitionOnBIGIP_as3Http",
"reportedObjectType": "Application Service",
"reportedObjectId": "d251b43c-dd76-3b31-8867-69a1de997beb",
"health": "Good",
"attacksCount": 0,
"dosProfileName": ""
},
{
"reportedObject": "dosNetworkApp1",
"reportedObjectType": "Application Service",
"reportedObjectId": "f1d18d1a-311e-3bb8-9219-8dcb70b95115",
"health": "Critical",
"attacksCount": 2,
"mitigation": "Transparent",
"dosProfiles": [
{
"id": "a09cfa43-43e0-3506-9335-9f6a9dfbaad7",
"name": "NetworkDosProfile_transparent_1563707939116",
"link": "https://localhost/mgmt/cm/security-shared/working-config/dos-profiles/a09cfa43-43e0-3506-9335-9f6a9dfbaad7",
"partition": "Common"
}
],
"dosProfileName": "NetworkDosProfile_transparent_1563707939116",
"deviceName": "Tier1-Stav_StaitcIP-75.olympus.f5net.com"
}
],
"itemsPerPage": 50,
"startIndex": 0,
"totalPages": 1,
"pageIndex": 0,
"currentItemCount": 10
},
"requestDurationInMillis": 2139
}
GET to retrieve a List of the protected objects which are currently under a DoS attack¶
The following example returns the top 50 items ordered by the health state in descending order
GET https://<BIG-IQ>/mgmt/ap/query/v1/tenants/default/reports/AttackedProtectedObjectsList?%$orderby=health desc&$skip=0&$top=50&$filter=attacksCount gt '0'
Response¶
{
"kind": "ap:compose:Report",
"lastUpdateMicros": 70360033427,
"result": {
"totalItems": 2,
"items": [
{
"reportedObject": "dosNetworkApp2",
"reportedObjectType": "Application Service",
"reportedObjectId": "b091f34d-8eaa-3ff7-befc-a1345d0d0cb0",
"health": "Good",
"attacksCount": 2,
"mitigation": "Blocked",
"dosProfiles": [
{
"id": "4d112ff8-4b33-31b1-8c42-e530d7251747",
"name": "NetworkDosProfile_blocking_1563707938623",
"link": "https://localhost/mgmt/cm/security-shared/working-config/dos-profiles/4d112ff8-4b33-31b1-8c42-e530d7251747",
"partition": "Common"
}
],
"dosProfileName": "NetworkDosProfile_blocking_1563707938623",
"deviceName": "Tier1-Stav_StaitcIP-75.olympus.f5net.com"
},
{
"reportedObject": "dosNetworkApp1",
"reportedObjectType": "Application Service",
"reportedObjectId": "f1d18d1a-311e-3bb8-9219-8dcb70b95115",
"health": "Critical",
"attacksCount": 2,
"mitigation": "Transparent",
"dosProfiles": [
{
"id": "a09cfa43-43e0-3506-9335-9f6a9dfbaad7",
"name": "NetworkDosProfile_transparent_1563707939116",
"link": "https://localhost/mgmt/cm/security-shared/working-config/dos-profiles/a09cfa43-43e0-3506-9335-9f6a9dfbaad7",
"partition": "Common"
}
],
"dosProfileName": "NetworkDosProfile_transparent_1563707939116",
"deviceName": "Tier1-Stav_StaitcIP-75.olympus.f5net.com"
}
],
"itemsPerPage": 50,
"startIndex": 0,
"totalPages": 1,
"pageIndex": 0,
"currentItemCount": 2
},
"requestDurationInMillis": 2246
}