Incidents
On this page:
THE INCIDENT OBJECT |
|
GET[base]/incidents |
|
GET[base]/incidents/{incidentId} |
The Incident object
This object provides the following data about an incident (failed attempt to obtain a token because of invalid credentials) registered in the system:
- incidentId string
The incident identifier.
- fingerprint string
The combination of configuration attributes provided by the device from which a failed attempt has been made.
- attackId string
The identifier of a related attack.
- ipAddress string
The IP address from which a failed attempt has been registered.
- userAgent string
The information about the user agent originating the request. A string consists of one or more product identifiers, each followed by zero or more comments.
- requests integer
The number of failed attempts to obtain a token because of invalid credentials.
- createTime string
The date and time when the object has been created.
- updateTime string
The date and time when the object has been last updated.
{
"incidentId": "6006dda272f002519c3eb505",
"fingerprint": "7c2b4bc57b2c66fc9ccd645bd9a58a72",
"attackId": "6006dda272f002519c3eb505",
"ipAddress": "185.155.96.184",
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15",
"requests": 1,
"createTime": "2021-01-01T00:00:00+00:00",
"updateTime": "2021-01-01T00:00:00+00:00"
}
Get an incidents list
Use this method to obtain a list of incidents registered in the system.
To obtain detailed information about a specified incident, use a separate method to get incident details.
Request
Header parameters:
Authorization: Bearer <token>
Query parameters:
This method supports pagination, sorting, and filtering. For details on applying the parameters, refer to the Query parameters section. Possible parameters for filtering and sorting are listed below. For values description, refer to the Incident object.
Possible values for the filter parameter:
attackattackIdfingerprintrequestsipAddressuserAgentcreateDateupdateDate
Possible values for the sort_by parameter:
incidentIdattackIdfingerprintrequestsipAddressuserAgentcreateTime(default)updateTime
GET[base]/incidents
curl --location -g --request GET 'https://your.base-url.here/incidents?limit=10&offset=0&sort_by=createTime&sort_order=desc&filter[attack]=<boolean>&filter[attackId]=6006dda272f002519c3eb505&filter[createDate]=2021-01-01&filter[fingerprint]=7c2b4bc57b2c66fc9ccd645bd9a58a72&filter[ipAddress]=185.155.96.184&filter[requests]=1&filter[updateDate]=2021-01-01&filter[userAgent]=Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Safari/605.1.15' \
--header 'Authorization: Bearer <token>'
Response
Body:
In case of success, the response body contains an array of Incident objects providing information about all incidents that correspond to the query parameters specified in the request.
Get incident details
Use this method to obtain detailed information about a specified incident registered in the system.
To obtain a list of incidents, use a separate method to get a list of incidents.
Request
Header parameters:
Authorization: Bearer <token>
Path parameters:
- incidentId required
The incident identifier.
GET[base]/incidents/{incidentId}
curl --location --request GET 'https://your.base-url.here/incidents/60ba407d15951453e60e49f8' \
--header 'Authorization: Bearer <token>'
Response
Body:
In case of success, the response body contains an Incident object providing information about the specified incident.