si_app_summary¶

Configuration for AF Threat Data Report table resource.

Properties¶

(click to see Operations )

Name	Data Type	Permissions	Description
violation_category	<String>	Read-write	Violation Category.
severity_type	<String>	Read-write	Severity Type. Maximum length = 255
__count	<Double>	Read-write	Number of records.
country_code	<String>	Read-write	Country Code. Maximum length = 255
violation_action	<String>	Read-write	Violation Action. Maximum length = 255
threat_index	<Double>	Read-write	Threat Index.
appfwlogexprvalue	<String>	Read-write	AppFw Log Expr value. Maximum length = 7168
violation_location	<String>	Read-write	Violation Location. Maximum length = 255
id	<String>	Read-write	Id is Security check violation name. Maximum length = 255
http_method	<String>	Read-write	http_method. Maximum length = 50
violation_value	<String>	Read-write	Violation Value. Maximum length = 255
not_blocked_flags	<Double>	Read-write	Not Block Flags.
appfwlogexprname	<String>	Read-write	AppFw Log Expr Name. Maximum length = 512
name	<String>	Read-write	AppName. Maximum length = 255
attack_category	<String>	Read-write	Attack Category. Maximum length = 255
appfwlogexprcomment	<String>	Read-write	AppFw Log Expr Comment. Maximum length = 128
http_req_url	<String>	Read-write	HTTP Request URL. Maximum length = 2048
block_flags	<Double>	Read-write	Block Flags..
counter_value	<Double>	Read-write	Counter Value.
violation_type	<String>	Read-write	Violation Type. Maximum length = 2048
signature_category	<String>	Read-write	Signature Category. Maximum length = 255
city	<String>	Read-write	City Name. Maximum length = 255
violation_name	<String>	Read-write	Violation Name. Maximum length = 255
severity	<String>	Read-write	severity. Maximum length = 255
source_ip_address	<String>	Read-write	Source IP Address. Maximum length = 255
attack_time	<String>	Read-write	Attack Time. Maximum length = 255
rpt_sample_time	<Double>	Read-write	Report Sample time..
violation_threat_index	<String>	Read-write	Violation Threat Index. Maximum length = 2048
total_attacks	<Double>	Read-write	total attacks..
transactionid	<Double>	Read-write	Transaction ID.
transformed_flags	<Double>	Read-write	Transformed Flags..
si_app_unit_name	<String>	Read-write	AppName. Maximum length = 255

Operations¶

(click to see Properties )

GET (ALL)

Some options that you can use for each operations:

Getting warnings in response: NITRO allows you to get warnings in an operation by specifying the 'warning' query parameter as 'yes'. For example, to get warnings while connecting to the NetScaler appliance, the URL is as follows:
http:// <netscaler-ip-address> /nitro/v1/config/login?warning=yes
If any, the warnings are displayed in the response payload with the HTTP code '209 X-NITRO-WARNING'.
Authenticated access for individual NITRO operations: NITRO allows you to logon to the NetScaler appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,
To do this, you must specify the username and password in the request header of the NITRO request as follows:
X-NITRO-USER: <username>
X-NITRO-PASS: <password>
Note: In such cases, make sure that the request header DOES not include the following:
Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Note: Mandatory parameters are marked in red and placeholder content is marked in green

The following parameters can be used in the nitro request : onerror <String_value>

Use this parameter to set the onerror status for nitro request. Applicable only for bulk requests.

Default value: EXIT

Possible values = EXIT, CONTINUE

get (all)¶

URL: https://<MGMT-IP>/nitro/v2/config/si_app_summary Query-parameters:

cr_enabled Use this query-parameter to indicate cr is enabled or not.

Possible Values: 0, 1 report_start_time Use this query-parameter to specify the start time from which the summary for report is considered.

Possible Values: time in milli seconds report_end_time Use this query-parameter to specify the end time until where summary for report is considered.

Possible Values: time in milli seconds asc Use this query-parameter to specify whether the results should be in ascending order or not.

Possible Values: yes, no sla_enabled Use this query-parameter to indicate sla is enabled or not.

Possible Values: 0, 1 order_by Use this query-parameter to get the result that is ordered by the given property.

Possible Values: total_attacks type Use this query-parameter to specify the type.

Possible Values: total_attacks HTTPS Method: GET

Response: HTTPS Status Code on Success: 200 OK HTTPS Status Code on Failure: 4xx (for general HTTPS errors) or 5xx (for NetScaler-MAS-specific errors). The response payload provides details of the error

Response Headers:

Content-Type:application/json

Response Payload:

{ "errorcode": 0, "message": "Done", "severity": ;ltString_value;gt, "si_app_summary":[{
"violation_category":<String_value>,
"severity_type":<String_value>,
"__count":<Double_value>,
"country_code":<String_value>,
"violation_action":<String_value>,
"threat_index":<Double_value>,
"appfwlogexprvalue":<String_value>,
"violation_location":<String_value>,
"id":<String_value>,
"http_method":<String_value>,
"violation_value":<String_value>,
"not_blocked_flags":<Double_value>,
"appfwlogexprname":<String_value>,
"name":<String_value>,
"attack_category":<String_value>,
"appfwlogexprcomment":<String_value>,
"http_req_url":<String_value>,
"block_flags":<Double_value>,
"counter_value":<Double_value>,
"violation_type":<String_value>,
"signature_category":<String_value>,
"city":<String_value>,
"violation_name":<String_value>,
"severity":<String_value>,
"source_ip_address":<String_value>,
"attack_time":<String_value>,
"rpt_sample_time":<Double_value>,
"violation_threat_index":<String_value>,
"total_attacks":<Double_value>,
"si_device_ip_address":<String_value>,
"transactionid":<Double_value>,
"transformed_flags":<Double_value>,
"si_app_unit_name":<String_value>}]}