curl --request GET \
  --url https://app.aegister.com/api/v1/log-analysis \
  --header 'X-Aegister-Token: <api-key>'

{
  "error": 0,
  "messages": "<array>",
  "total": 1,
  "data": [
    {
      "id": 123,
      "state": "pending",
      "report": {
        "EnhancedFirewallAnalysisReport": {
          "report_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
          "generated_at": "2023-11-07T05:31:56Z",
          "summary_statistics": {
            "total_entries": 123,
            "parsed_entries": 123,
            "allowed_connections": 123,
            "denied_connections": 123,
            "unique_ips": 123,
            "malicious_ips": 123,
            "date_range": {
              "start_date": "2023-11-07T05:31:56Z",
              "end_date": "2023-11-07T05:31:56Z"
            },
            "parsing_success_rate": 0.5
          },
          "threat_intelligence": {
            "total_ips_analyzed": 123,
            "malicious_ips_identified": 123,
            "events_involving_malicious_ips": 123,
            "crime_level_distribution": {
              "low": 123,
              "medium": 123,
              "high": 123,
              "critical": 123
            },
            "top_threat_actors": [
              {
                "ip_address": "127.0.0.1",
                "event_count": 123,
                "crime_score": 123,
                "country": "<string>",
                "service": "<string>",
                "last_seen": "2023-11-07T05:31:56Z",
                "direction": "inbound"
              }
            ]
          },
          "atb_impact_analysis": {
            "current_blocked_events": 123,
            "atb_would_block": 123,
            "threat_reduction_percentage": 50,
            "unique_threats_blocked": 123,
            "current_security_score": 50,
            "improved_security_score": 50
          },
          "parser_statistics": {
            "detected_vendor": "<string>",
            "parser_used": "<string>",
            "parsing_errors": 123
          },
          "protocol_distribution": {},
          "timeline_data": [
            {
              "timestamp": "2023-11-07T05:31:56Z",
              "malicious_events": 123,
              "total_events": 123
            }
          ],
          "recommendations": [
            "<string>"
          ],
          "key_findings": [
            "<string>"
          ]
        }
      },
      "created_at": "2023-11-07T05:31:56Z",
      "file": {
        "name": "<string>",
        "path": "<string>",
        "size": 123,
        "type": "<string>",
        "stored": "<string>"
      }
    }
  ]
}

Retrieves all log-analysis
Max number of response items.
Offset response items.
Order results by item field
Any value different from 0 indicates an error.
More details can be found in messages.
0 <= x <= 0
If error is 1, contains zero or more details on the error.
Total number of items that meet the list filter.
This doesn't represent the number of items inside the data array.
x >= 0
Unique identifier for the log-analysis.
State of the log-analysis.
pending, completed, failed
Report of the log-analysis.
Enhanced firewall analysis report with threat intelligence.
Unique identifier for the analysis report.
Timestamp when the report was generated.
Summary statistics from log analysis.
Total number of log entries processed.
Number of successfully parsed log entries.
Number of allowed connections.
Number of denied connections.
Number of unique IP addresses identified.
Number of IPs identified as malicious.
Success rate of log parsing (0.0 to 1.0).
0 <= x <= 1
Threat intelligence analysis results.
Total number of IPs analyzed for threats.
Number of IPs identified as malicious.
Number of log events involving malicious IPs.
List of top threat actors identified.
inbound, outbound
Analysis of how ATB threat intelligence would improve security.
Events currently blocked by existing firewall.
Additional events ATB would have blocked.
Percentage improvement in threat blocking.
0 <= x <= 100
Number of unique threat actors ATB would block.
Current security effectiveness score.
0 <= x <= 100
Security score with ATB implementation.
0 <= x <= 100
Statistics about parsing performance by vendor.
Detected firewall vendor.
Parser class used for analysis.
Number of parsing errors encountered.
Threat events over time for timeline visualization.
Security recommendations based on analysis.
Key findings from the analysis.
Date and time of creation of the log-analysis.
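
A client-side triage of this response, as an added example that is not part of the Aegister documentation. It checks `error`, compares `total` with the items on the page, skips analyses that are not `completed`, and flags a low `parsing_success_rate` before trusting the threat figures. The function name `triage`, the `MIN_PARSE_RATE` threshold, the `null` report on a pending item and all sample values are assumptions constructed for illustration.

```python
import json

# Constructed sample response following the schema documented above (not real API output).
SAMPLE = json.loads("""
{"error": 0, "messages": [], "total": 3, "data": [
  {"id": 1, "state": "completed", "report": {"EnhancedFirewallAnalysisReport": {
    "summary_statistics": {"total_entries": 1000, "parsed_entries": 620,
                           "parsing_success_rate": 0.62},
    "threat_intelligence": {"events_involving_malicious_ips": 40,
      "top_threat_actors": [
        {"ip_address": "198.51.100.9", "event_count": 10, "crime_score": 40, "direction": "outbound"},
        {"ip_address": "203.0.113.7", "event_count": 30, "crime_score": 90, "direction": "inbound"}]}}}},
  {"id": 2, "state": "pending", "report": null}
]}
""")

MIN_PARSE_RATE = 0.9  # assumed local threshold, not a value defined by the API


def triage(resp):
    """Return (findings, warnings) for one page of the list response."""
    if resp.get("error") != 0:
        raise RuntimeError(f"API error: {resp.get('messages')}")
    findings, warnings = [], []
    data = resp.get("data") or []
    # 'total' counts every item matching the filter, not the items on this page.
    if resp.get("total", 0) > len(data):
        warnings.append(f"page holds {len(data)} of {resp['total']} items")
    for item in data:
        if item.get("state") != "completed":
            warnings.append(f"log-analysis {item.get('id')} is {item.get('state')}")
            continue
        rep = (item.get("report") or {}).get("EnhancedFirewallAnalysisReport") or {}
        rate = rep.get("summary_statistics", {}).get("parsing_success_rate")
        if rate is None or not 0 <= rate <= 1:
            warnings.append(f"log-analysis {item['id']}: invalid parsing_success_rate")
        elif rate < MIN_PARSE_RATE:
            # Unparsed entries are absent from every count in the report.
            warnings.append(f"log-analysis {item['id']}: only {rate:.0%} of entries parsed")
        actors = rep.get("threat_intelligence", {}).get("top_threat_actors", [])
        for a in sorted(actors, key=lambda a: a.get("crime_score", 0), reverse=True):
            findings.append((item["id"], a["ip_address"], a.get("direction"), a.get("crime_score")))
    return findings, warnings


if __name__ == "__main__":
    for part in triage(SAMPLE):
        print(part)
```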