GET /api/aggressive_ips?:filter=:value
Parameters
| Filter Name | Description |
|---|---|
| service |
comma separated array of services |
| seen_count | number of times the IP has been seen (defaults to 10) |
| last_seen_ts |
date the IP was last seen on the network (defaults to 1 week ago) |
Request
Headers
Authorization: Token token=1
Route
GET /api/aggressive_ips?last_seen_ts=2016-02-21 10:15:59 -0800
Query Parameters
last_seen_ts: 2016-02-21 10:15:59 -0800
cURL Example
curl "https://api.security.berkeley.edu/api/aggressive_ips?last_seen_ts=2016-02-21 10:15:59 -0800" \ -X GET -H "Authorization: Token token=1"
Response
Headers
Content-Type: application/json; charset=utf-8 ETag: W/"4e1cf063cda77660bf638ffa54ba1143" Cache-Control: max-age=0, private, must-revalidate Content-Length: 209
Status
200 OK
Body
{
"aggressive_ips": [
{
"ip": "107.160.23.40",
"dst_port": 3306,
"service": "mysql",
"tags": [
"foo",
"bar"
],
"seen_count": 20,
"first_seen_ts": "2016-02-15T11:15:59.000-08:00",
"last_seen_ts": "2016-02-21T11:15:59.000-08:00"
}
]
}