GET /api/v1/log-analysis
cURL
curl --request GET \
  --url https://app.aegister.com/api/v1/log-analysis \
  --header 'X-Aegister-Token: <api-key>'
{
  "error": 0,
  "messages": [],
  "total": 20,
  "data": [
    {
      "id": 11,
      "state": "pending",
      "report": {
        "EnhancedFirewallAnalysisReport": {
          "report_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
          "generated_at": "2023-11-07T05:31:56Z",
          "summary_statistics": {
            "total_entries": 1234,
            "parsed_entries": 1200,
            "allowed_connections": 800,
            "denied_connections": 400,
            "unique_ips": 150,
            "malicious_ips": 25,
            "date_range": {
              "start_date": "2023-11-07T05:31:56Z",
              "end_date": "2023-11-07T05:31:56Z"
            },
            "parsing_success_rate": 0.97
          },
          "threat_intelligence": {
            "total_ips_analyzed": 150,
            "malicious_ips_identified": 25,
            "events_involving_malicious_ips": 120,
            "crime_level_distribution": {
              "low": 5,
              "medium": 8,
              "high": 7,
              "critical": 5
            },
            "top_threat_actors": [
              {
                "ip_address": "192.168.1.100",
                "event_count": 15,
                "crime_score": 250,
                "country": "US",
                "service": "SSH",
                "last_seen": "2023-11-07T05:31:56Z",
                "direction": "inbound"
              }
            ]
          },
          "atb_impact_analysis": {
            "current_blocked_events": 400,
            "atb_would_block": 120,
            "threat_reduction_percentage": 30,
            "unique_threats_blocked": 25,
            "current_security_score": 67,
            "improved_security_score": 87
          },
          "parser_statistics": {
            "detected_vendor": "sonicwall",
            "parser_used": "SonicWallParser",
            "parsing_errors": 34
          },
          "protocol_distribution": {
            "TCP": 800,
            "UDP": 300,
            "ICMP": 100
          },
          "timeline_data": [
            {
              "timestamp": "2023-11-07T05:31:56Z",
              "malicious_events": 5,
              "total_events": 50
            }
          ],
          "recommendations": [
            "Consider implementing ATB threat intelligence to block additional 120 malicious events"
          ],
          "key_findings": [
            "25 unique threat actors identified with crime scores above 175"
          ]
        }
      },
      "created_at": "2023-11-07T05:31:56Z",
      "file": {
        "name": "<string>",
        "path": "<string>",
        "size": 123,
        "type": "<string>",
        "stored": "<string>"
      }
    }
  ]
}

Authorizations

X-Aegister-Token (string, header, required)

Query Parameters

limit (number, default: 50)

Maximum number of response items.

offset (number, default: 0)

Offset response items.

order (string, default: -id)

Order results by item field.

Response

200 - application/json

error (integer)

Any value different from 0 indicates an error.
More details can be found in messages.

Required range: 0 <= x <= 0
Examples:

0

messages (any[])

If error is 1, contains zero or more details on the error.

Examples:

[]

total (number)

Total number of items that meet the list filter.
This doesn't represent the number of items inside the data array.

Required range: x >= 0
Examples:

20

30

40

data (object[])
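
A client for the endpoint above, added here as an example and not taken from Aegister's documentation: it pages with limit/offset until total is reached (total is not the length of data), treats any non-zero error as a failure, and lists top_threat_actors by crime_score. The AEGISTER_TOKEN environment variable, the function names and the 175 threshold are assumptions.

```python
import json
import os
import urllib.parse
import urllib.request

API_URL = "https://app.aegister.com/api/v1/log-analysis"  # endpoint from this page


def http_fetch(params, token):
    """GET one page; the API key travels in the X-Aegister-Token header."""
    url = API_URL + "?" + urllib.parse.urlencode(params)
    req = urllib.request.Request(url, headers={"X-Aegister-Token": token})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def iter_analyses(fetch, page_size=50, order="-id"):
    """Yield every item, paging with limit/offset until `total` is reached."""
    offset = 0
    while True:
        body = fetch({"limit": page_size, "offset": offset, "order": order})
        if body.get("error", 1) != 0:
            raise RuntimeError(f"API error: {body.get('messages')}")
        items = body.get("data") or []
        yield from items
        offset += len(items)
        # `total` counts all matching items, not len(data); also stop on an
        # empty page so a shrinking result set cannot loop forever.
        if not items or offset >= body.get("total", 0):
            return


def top_threat_actors(items, min_score=0):
    """Flatten top_threat_actors from each report, highest crime_score first."""
    actors = []
    for item in items:
        report = (item.get("report") or {}).get("EnhancedFirewallAnalysisReport") or {}
        intel = report.get("threat_intelligence") or {}
        for a in intel.get("top_threat_actors") or []:
            if a.get("crime_score", 0) >= min_score:
                actors.append((a["ip_address"], a["crime_score"], item["id"]))
    return sorted(actors, key=lambda t: t[1], reverse=True)


if __name__ == "__main__":
    token = os.environ["AEGISTER_TOKEN"]  # assumed name; keeps the key out of source
    pages = iter_analyses(lambda p: http_fetch(p, token))
    for ip, score, analysis_id in top_threat_actors(pages, min_score=175):
        print(analysis_id, ip, score)
```
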