Current DDoS Attacks on Protected Objects¶
Overview¶
A list of protected objects that are currently under DDoS attack.
REST Endpoint: /mgmt/ap/query/v1/tenants/default/reports/AttackedProtectedObjectsList¶
Requests¶
GET /mgmt/ap/query/v1/tenants/default/reports/AttackedProtectedObjectsList¶
Query Parameters¶
| Name | Type | Required | Description |
|---|---|---|---|
| filter | string | False | Specifies a string or integer used to filter the results. You can filter based on one or more parameters. |
| orderby | string | False | Specifies the sorting parameter and order to apply to results. You can sort by reportedObject, reportedObjectType, health, attacksCount, dosProfileName or deviceName. The sort order can be ascending (asc) or descending (desc). The default value is “reportedObject”. |
| skip | number | False | Specifies the number of results in the ordered list to skip. The default value of skip is 0, meaning none are skipped and the results range from 1 to the top value. |
| top | query option | False | Specify the maximum number of results in the ordered list. The default value is 10. |
| under-attack | boolean | False | True means filter the protected objects for those currently under attack. The default value is true. |
Request Parameters¶
None
Response¶
HTTP/1.1 200 OK
| Name | Type | Description |
|---|---|---|
| items | object | The items that appear in the query. |
| attacksCount | number | The number of attacks detected on the protected object. |
| deviceName | string | The name of the BIG-IP that hosts the protected object. |
| dosProfiles | object | The DoS profile that detected the attack. |
| id | string | The profile’s unique identifier. |
| link | string | The link to the profile. |
| name | string | The profile’s name. |
| partition | string | The partition assigned to the profile. |
| dosProfileName | string | The name of the DoS profile that detected the attack. |
| health | HealthEnum | The health of the protected object. |
| mitigation | string | The mitigation applied to the attack. |
| reportedObject | string | The name of the object of the detected attack. |
| reportedObjectId | string | The unique identifier of the object of the detected attack. |
| reportedObjectType | string | The type of object attack. |
| itemsPerPage | long | The number of items per page. |
| pageIndex | long | The chronological page number as of which to display query results. |
| startIndex | number | Item index number for which results start. Item index numbers are chronological. |
| total | number | Total number of result items |
| totalPages | number | Number of pages in the result. |
Permissions¶
| Role | Allow |
|---|---|
| Security Manager | Yes |
Examples¶
GET to retrieve a list of protected objects currently under DoS attack¶
The following example returns the top 50 items ordered by the health state in descending order.
GET https://<BIG-IQ>/mgmt/ap/query/v1/tenants/default/reports/AttackedProtectedObjectsList?%$orderby=health desc&$skip=0&$top=50
Response¶
{
"kind": "ap:compose:Report",
"lastUpdateMicros": 676822474978,
"result": {
"totalItems": 2,
"items": [{
"reportedObject": "dosHttpApp3",
"reportedObjectType": "Application",
"reportedObjectId": "fae2e013-f637-3e7d-a1a2-fea2c51af30e",
"health": "Critical",
"attacksCount": 1,
"mitigation": "Transparent",
"dosProfiles": [{
"id": "91e11da6-0a75-31b1-8aa3-2e505b7caaf7",
"name": "HttpDosProfile_transparent_1550577180907",
"link": "https://localhost/mgmt/cm/security-shared/working-config/dos-profiles/91e11da6-0a75-31b1-8aa3-2e505b7caaf7",
"partition": "Common"
}],
"dosProfileName": "HttpDosProfile_transparent_1550577180907",
"deviceName": "bigip_10-241-209-66.f5net.com"
}, {
"reportedObject": "dosHttpApp4",
"reportedObjectType": "Application",
"reportedObjectId": "a41b6794-20e1-33d7-baf3-6b835d0d2fb1",
"health": "Critical",
"attacksCount": 1,
"mitigation": "Client Side",
"dosProfiles": [{
"id": "30e7bde5-0bd9-3a29-b24f-bbaee127a646",
"name": "HttpDosProfile_blocking_1550577180672",
"link": "https://localhost/mgmt/cm/security-shared/working-config/dos-profiles/30e7bde5-0bd9-3a29-b24f-bbaee127a646",
"partition": "Common"
}],
"dosProfileName": "HttpDosProfile_blocking_1550577180672",
"deviceName": "bigip_10-241-209-66.f5net.com"
}],
"itemsPerPage": 0,
"startIndex": 0,
"totalPages": 0,
"pageIndex": 0,
"currentItemCount": 2
},
"requestDurationInMillis": 765
}