Skip to content
Was this article helpful?

si_app_summary

Configuration for AF Threat Data Report table resource.

Properties

(click to see Operations )

Name Data Type Permissions Description
violation_category <String> Read-write Violation Category.
severity_type <String> Read-write Severity Type.

Maximum length = 255
__count <Double> Read-write Number of records.
country_code <String> Read-write Country Code.

Maximum length = 255
violation_action <String> Read-write Violation Action.

Maximum length = 255
threat_index <Double> Read-write Threat Index.
appfwlogexprvalue <String> Read-write AppFw Log Expr value.

Maximum length = 7168
violation_location <String> Read-write Violation Location.

Maximum length = 255
id <String> Read-write Id is Security check violation name.

Maximum length = 255
http_method <String> Read-write http_method.

Maximum length = 50
violation_value <String> Read-write Violation Value.

Maximum length = 255
not_blocked_flags <Double> Read-write Not Block Flags.
appfwlogexprname <String> Read-write AppFw Log Expr Name.

Maximum length = 512
name <String> Read-write AppName.

Maximum length = 255
attack_category <String> Read-write Attack Category.

Maximum length = 255
appfwlogexprcomment <String> Read-write AppFw Log Expr Comment.

Maximum length = 128
http_req_url <String> Read-write HTTP Request URL.

Maximum length = 2048
block_flags <Double> Read-write Block Flags..
counter_value <Double> Read-write Counter Value.
violation_type <String> Read-write Violation Type.

Maximum length = 2048
signature_category <String> Read-write Signature Category.

Maximum length = 255
city <String> Read-write City Name.

Maximum length = 255
violation_name <String> Read-write Violation Name.

Maximum length = 255
severity <String> Read-write severity.

Maximum length = 255
source_ip_address <String> Read-write Source IP Address.

Maximum length = 255
attack_time <String> Read-write Attack Time.

Maximum length = 255
rpt_sample_time <Double> Read-write Report Sample time..
violation_threat_index <String> Read-write Violation Threat Index.

Maximum length = 2048
total_attacks <Double> Read-write total attacks..
transactionid <Double> Read-write Transaction ID.
transformed_flags <Double> Read-write Transformed Flags..
si_app_unit_name <String> Read-write AppName.

Maximum length = 255

Operations

(click to see Properties )

  • GET (ALL)

Some options that you can use for each operations:

  • Getting warnings in response: NITRO allows you to get warnings in an operation by specifying the 'warning' query parameter as 'yes'. For example, to get warnings while connecting to the NetScaler appliance, the URL is as follows:

    http:// <netscaler-ip-address> /nitro/v1/config/login?warning=yes

    If any, the warnings are displayed in the response payload with the HTTP code '209 X-NITRO-WARNING'.

  • Authenticated access for individual NITRO operations: NITRO allows you to logon to the NetScaler appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,

    To do this, you must specify the username and password in the request header of the NITRO request as follows:

    X-NITRO-USER: <username>

    X-NITRO-PASS: <password>

    Note: In such cases, make sure that the request header DOES not include the following:

    Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Note:

Mandatory parameters are marked in red and placeholder content is marked in green

The following parameters can be used in the nitro request : onerror <String_value>

Use this parameter to set the onerror status for nitro request. Applicable only for bulk requests.

Default value: EXIT

Possible values = EXIT, CONTINUE

get (all)

URL: https://<MGMT-IP>/nitro/v2/config/si_app_summary

Query-parameters:

cr_enabled Use this query-parameter to indicate cr is enabled or not.

Possible Values: 0, 1

report_start_time Use this query-parameter to specify the start time from which the summary for report is considered.

Possible Values: time in milli seconds

report_end_time Use this query-parameter to specify the end time until where summary for report is considered.

Possible Values: time in milli seconds

asc Use this query-parameter to specify whether the results should be in ascending order or not.

Possible Values: yes, no

sla_enabled Use this query-parameter to indicate sla is enabled or not.

Possible Values: 0, 1

order_by Use this query-parameter to get the result that is ordered by the given property.

Possible Values: total_attacks

type Use this query-parameter to specify the type.

Possible Values: total_attacks

HTTPS Method: GET

Response:

HTTPS Status Code on Success: 200 OK HTTPS Status Code on Failure: 4xx (for general HTTPS errors) or 5xx (for NetScaler-MAS-specific errors). The response payload provides details of the error

Response Headers:

Content-Type:application/json

Response Payload:

{ "errorcode": 0, "message": "Done", "severity": ;ltString_value;gt, "si_app_summary":[{
      "violation_category":<String_value>,
      "severity_type":<String_value>,
      "__count":<Double_value>,
      "country_code":<String_value>,
      "violation_action":<String_value>,
      "threat_index":<Double_value>,
      "appfwlogexprvalue":<String_value>,
      "violation_location":<String_value>,
      "id":<String_value>,
      "http_method":<String_value>,
      "violation_value":<String_value>,
      "not_blocked_flags":<Double_value>,
      "appfwlogexprname":<String_value>,
      "name":<String_value>,
      "attack_category":<String_value>,
      "appfwlogexprcomment":<String_value>,
      "http_req_url":<String_value>,
      "block_flags":<Double_value>,
      "counter_value":<Double_value>,
      "violation_type":<String_value>,
      "signature_category":<String_value>,
      "city":<String_value>,
      "violation_name":<String_value>,
      "severity":<String_value>,
      "source_ip_address":<String_value>,
      "attack_time":<String_value>,
      "rpt_sample_time":<Double_value>,
      "violation_threat_index":<String_value>,
      "total_attacks":<Double_value>,
      "si_device_ip_address":<String_value>,
      "transactionid":<Double_value>,
      "transformed_flags":<Double_value>,
      "si_app_unit_name":<String_value>}]}
Was this article helpful?