ddos detection

DDoS Detection Commands

detection Specification

Parameter	Value
Type	Configuration Resource
Element Name	detection
Element URI	/axapi/v3/ddos/detection
Element Attributes	detection_attributes
Partition Visibility	shared
Schema	detection schema

Operations Allowed:

Operation	Method	URI	Payload
Create Object	POST	/axapi/v3/ddos/detection	detection attributes	example close
POST /axapi/v3/ddos/detection Payload: { "detection": { "disable": 1 } }
Get Object	GET	/axapi/v3/ddos/detection	detection attributes	example close
GET /axapi/v3/ddos/detection Reponse: { "detection": { "disable": 1, "uuid": "d54a1820-5563-11ed-aa00-dd2dfdd6bea0", "statistics": { "uuid": "d54a1a14-5563-11ed-aa00-dd2dfdd6bea0", "a10-url": "/axapi/v3/ddos/detection/statistics" }, "a10-url": "/axapi/v3/ddos/detection" } }
Modify Object	POST	/axapi/v3/ddos/detection	detection attributes
Replace Object	PUT	/axapi/v3/ddos/detection	detection attributes	example close
PUT /axapi/v3/ddos/detection Payload: { "detection": { "disable": 1 } }
Delete Object	DELETE	/axapi/v3/ddos/detection	detection attributes	example close
DELETE /axapi/v3/ddos/detection Reponse: { "response": { "status": "OK" } }

detection attributes

agent-list

Type: List

Reference Object: /axapi/v3/ddos/detection/agent/{agent-name}

ddos-script

Description: ddos-script is a JSON Block. Please see below for ddos-script

Type: Object

Reference Object: /axapi/v3/ddos/detection/ddos-script

disable

Description Disable DDoS detection (default: enabled)

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

resource-usage

Description: resource-usage is a JSON Block. Please see below for resource-usage

Type: Object

Reference Object: /axapi/v3/ddos/detection/resource-usage

settings

Description: settings is a JSON Block. Please see below for settings

Type: Object

Reference Object: /axapi/v3/ddos/detection/settings

statistics

Description: statistics is a JSON Block. Please see below for statistics

Type: Object

Reference Object: /axapi/v3/ddos/detection/statistics

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

resource-usage

Specification	Value
Type	object

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

statistics

Specification	Value
Type	object

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

settings

Specification	Value
Type	object

de-escalation-quiet-time

Description Configure de-escalation needed time in minutes from level 1 to 0.(default 1 minutes)

Type: number

Range: 1-60

detection-window-size

Description Configure detection window size in seconds (DDoS detection window size in seconds(default: 1))

Type: number

Range: 1-60

Default: 1

detector-mode

Description ‘standalone’: Standalone detector; ‘on-box’: Mitigator and Detector on the same box; ‘auto-svc-discovery’: Auto Service discovery using Visibility module;

Type: string

Supported Values: standalone, on-box, auto-svc-discovery

initial-learning-interval

Description Initial learning interval (in hours) before processing

Type: number

Range: 1-168

notification-debug-log

Description ‘enable’: Enable detection notification debug log (default: disabled);

Type: string

Supported Values: enable

pkt-sampling

Description: pkt-sampling is a JSON Block. Please see below for settings_pkt-sampling

Type: Object

standalone-settings

Description: standalone-settings is a JSON Block. Please see below for settings_standalone-settings

Type: Object

Reference Object: /axapi/v3/ddos/detection/settings/standalone-settings

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

settings_standalone-settings

Specification	Value
Type	object

netflow

Description: netflow is a JSON Block. Please see below for settings_standalone-settings_netflow

Type: Object

Reference Object: /axapi/v3/ddos/detection/settings/standalone-settings/netflow

sflow

Description: sflow is a JSON Block. Please see below for settings_standalone-settings_sflow

Type: Object

Reference Object: /axapi/v3/ddos/detection/settings/standalone-settings/sflow

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

settings_standalone-settings_netflow

Specification	Value
Type	object

listening-port

Description Netflow port to receive packets (Netflow port number(default 9996))

Type: number

Range: 1-65535

Default: 9996

template-active-timeout

Description Configure active timeout of the netflow templates received in mins (Template active timeout(mins)(default 30mins))

Type: number

Range: 2-300

Default: 30

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

settings_standalone-settings_sflow

Specification	Value
Type	object

listening-port

Description sFlow port to receive packets (sFlow port number(default 6343))

Type: number

Range: 1-65535

Default: 6343

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

settings_pkt-sampling

Specification	Value
Type	object

assign-index

Description Lower index is more aggressive sampling

Type: number

Range: 1-64

assign-rate

Description Assign rate to given index

Type: number

Range: 1-50000000

override-rate

Description Sample 1 in X packets (default: X=1)

Type: number

Range: 1-50000000

ddos-script

Specification	Value
Type	object

action

Description ‘delete’: delete;

Type: string

Supported Values: delete

file

Description startup-config local file name

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

agent-list

Specification	Value
Type	list
Block object keys

agent-name

Description Specify name for the agent

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

agent-v4-addr

Description Configure agent’s IPv4 address

Type: string

Format: ipv4-address

agent-v6-addr

Description Configure agent’s IPv6 address

Type: string

Format: ipv6-address

netflow

Description: netflow is a JSON Block. Please see below for agent-list_netflow

Type: Object

Reference Object: /axapi/v3/ddos/detection/agent/{agent-name}/netflow

sflow

Description: sflow is a JSON Block. Please see below for agent-list_sflow

Type: Object

Reference Object: /axapi/v3/ddos/detection/agent/{agent-name}/sflow

user-tag

Description Customized tag

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

agent-list_sflow

Specification	Value
Type	object

sflow-pkt-samples-collection

Description ‘enable’: Enable sflow packet samples collection(default); ‘disable’: Disable sflow packet samples collection;

Type: string

Supported Values: enable, disable

Default: enable

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

agent-list_netflow

Specification	Value
Type	object

netflow-samples-collection

Description ‘enable’: Enable Netflow flow samples collection(default); ‘disable’: Disable Netflow flow samples collection;

Type: string

Supported Values: enable, disable

Default: enable

netflow-sampling-rate

Description Configure agent’s netflow sampling rate

Type: number

Range: 1-65535

Default: 1

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters