WAF Insights does not support automation via our REST API web service. If you are currently using WAF Insights, upgrade your WAF solution to take advantage of our REST API.
Lists the available event log fields and their definitions.
This endpoint only supports JSON.
A request to retrieve event log fields is described below.
HTTP Method | Request URI |
---|---|
GET |
https://api.edgecast.com/v2/mcc/customers/AccountNumber/waf/eventlogs/fields |
Define the following term when submitting the above request:
VariableA variable represents a value that must be replaced. A variable consists of either a URL segment (e.g., "0001" in /0001/) or a query string value (e.g., "3" in mediaTypes=3). | Description |
---|---|
Required |
|
This endpointIdentifies a request's connection point to our REST API service. only takes advantage of common request headers.
Request body parameters are not required by this endpoint.
The response to the above request includes an HTTP status code, response headers, and a response body.
This endpoint only supports JSON.
A status code indicates whether the request was successfully performed.
The response for this endpoint only includes standard HTTP response headers.
The response body for a successful request contains the following response parameters for each event log field returned by this endpoint:
Name | Data Type | Description |
---|---|---|
fields |
Array Objects |
This response parameter contains the set of available fields. |
name |
String |
fields array Indicates the name of a field. |
data_type |
String |
fields array Indicates the field's data type (e.g., string or number). |
description |
String |
fields array Describes the field's purpose. |
The response body for an unsuccessful request will contain an error response that provides additional information.
A sample JSON request is shown below.
GET https://api.edgecast.com/v2/mcc/customers/0001/waf/eventlogs/fields HTTP/1.1
Authorization: TOK:12345678-1234-1234-1234-1234567890ab
Accept: application/json
Host:api.edgecast.com
A sample JSON response is shown below.
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json; charset=utf-8
Date: Thu, 15 Apr 2021 12:00:00 GMT
Content-Length: 2475
{ "fields" : [{ "name" : "Timestamp", "data_type" : "date", "description" : "timestamp of log entry as UTC timestamp" }, { "name" : "Epoch Time", "data_type" : "epoch", "description" : "time of log event as epoch UTC" }, { "name" : "Action Type", "data_type" : "string", "description" : "what action was taken" }, { "name" : "Rule Severity", "data_type" : "int", "description" : "Severity value from WAF Rule violation" }, { "name" : "Rule Message", "data_type" : "string", "description" : "Message indicating reason for block or alert" }, { "name" : "Instance Name", "data_type" : "string", "description" : "name of the WAF instance" }, { "name" : "Profile Name", "data_type" : "string", "description" : "Name of profile which triggered violation" }, { "name" : "Profile Type", "data_type" : "string", "description" : "Profile type specifying audit or production" }, { "name" : "Rule ID", "data_type" : "string", "description" : "WAF Security config rule ID" }, { "name" : "Client IP", "data_type" : "ip", "description" : "Client IP from Request" }, { "name" : "Country Code", "data_type" : "string", "description" : "Two letter country code" }, { "name" : "User Agent", "data_type" : "string", "description" : "The clients user-agent" }, { "name" : "Host", "data_type" : "string", "description" : "Hostname from request" }, { "name" : "URL", "data_type" : "string", "description" : "URL from request" }, { "name" : "Referer", "data_type" : "string", "description" : "Referer from request" }, { "name" : "Rule Tags", "data_type" : "string", "description" : "WAF Rule Tags indicating type of violation" }, { "name" : "Matched Data", "data_type" : "string", "description" : "Data from client request that matched rule" }, { "name" : "Matched On", "data_type" : "string", "description" : "Name of Variable in Rule that matched" }, { "name" : "Matched Value", "data_type" : "string", "description" : "Value of Variable in Rule that matched" }, { "name" : "Rule Policy", "data_type" : "string", "description" : "WAF Rule Policy" }, { "name" : "id", "data_type" : "string", "description" : "ID of WAF event" } ] }