.. _ddos_detection_settings:

ddos detection settings
=======================

Configure ddos detection settings


settings Specification
----------------------

	===================================== ================================================================
	 **Parameter**                         **Value** 

	===================================== ================================================================
	 **Type**                              *Configuration Resource*

	 **Element Name**                      settings

	 **Element URI**                       /axapi/v3/ddos/detection/settings

	 **Element Attributes**                settings_attributes

	 **Partition Visibility**              shared

	 **Schema**                             :download:`settings schema <ddos-detection-settings/ddos-detection-settings.txt>`
	===================================== ================================================================





	**Operations Allowed:**




.. raw:: html

   <script type="text/javascript">
 function showExample(a,b) { document.getElementById(a+'_div').style.display = 'block'; document.getElementById(a+'_cl').style.display = 'block'; document.getElementById(a+'_eg').style.display = 'none';}
   function closeExample(a,b) { document.getElementById(a+'_div').style.display = 'none'; document.getElementById(a+'_cl').style.display = 'none'; document.getElementById(a+'_eg').style.display = 'block';}
 </script>
   <table width='90%' style='margin-left:5%'>



.. raw:: html

   <tr style='border-bottom: thin solid; border-top: thin solid'><th width=15%>Operation</th><th width=10%>Method</th><th>URI</th><th width=15%>Payload</th><th width=10%></th></tr>




.. raw:: html

   <tr  style='border-bottom: thin solid;'><td valign = 'top'>


Create Object



.. raw:: html

   </td><td valign = 'top'>


POST



.. raw:: html

   </td><td valign = 'top'>


/axapi/v3/ddos/detection/settings



.. raw:: html

   </td><td valign = 'top'>


:ref:`675_settings_attributes`



.. raw:: html

   </td><td></td></tr>




.. raw:: html

   <tr  style='border-bottom: thin solid;'><td valign = 'top'>


Get Object



.. raw:: html

   </td><td valign = 'top'>


GET



.. raw:: html

   </td><td valign = 'top'>


/axapi/v3/ddos/detection/settings



.. raw:: html

   </td><td valign = 'top'>


:ref:`675_settings_attributes`



.. raw:: html

   </td><td></td></tr>




.. raw:: html

   <tr  style='border-bottom: thin solid;'><td valign = 'top'>


Modify Object



.. raw:: html

   </td><td valign = 'top'>


POST



.. raw:: html

   </td><td valign = 'top'>


/axapi/v3/ddos/detection/settings



.. raw:: html

   </td><td valign = 'top'>


:ref:`675_settings_attributes`



.. raw:: html

   </td><td></td></tr>




.. raw:: html

   <tr  style='border-bottom: thin solid;'><td valign = 'top'>


Replace Object



.. raw:: html

   </td><td valign = 'top'>


PUT



.. raw:: html

   </td><td valign = 'top'>


/axapi/v3/ddos/detection/settings



.. raw:: html

   </td><td valign = 'top'>


:ref:`675_settings_attributes`



.. raw:: html

   </td><td></td></tr>




.. raw:: html

   <tr  style='border-bottom: thin solid;'><td valign = 'top'>


Delete Object



.. raw:: html

   </td><td valign = 'top'>


DELETE



.. raw:: html

   </td><td valign = 'top'>


/axapi/v3/ddos/detection/settings



.. raw:: html

   </td><td valign = 'top'>


:ref:`675_settings_attributes`



.. raw:: html

   </td><td></td></tr>




.. raw:: html

   </table>

.. _675_settings_attributes:

settings attributes
-------------------

    **ctrl-cpu-usage**

        **Description** Control cpu usage threshold for DDoS detection

        **Type:** number

        **Range:** 1-100

    **de-escalation-quiet-time**

        **Description** Configure de-escalation needed time in minutes from level 1 to 0.(default 1 minutes)

        **Type:** number

        **Range:** 1-60

    **dedicated-cpus**

        **Description** Configure the number of dedicated cores for detection

        **Type:** number

        **Range:** 1-32

    **detection-window-size**

        **Description** Configure detection window size in seconds (DDoS detection window size in seconds(default: 1))

        **Type:** number

        **Range:** 1-60

        **Default:** 1

    **detector-mode**

        **Description** 'standalone': Standalone detector; 'on-box': Mitigator and Detector on the same box; 'auto-svc-discovery': Auto Service discovery using Visibility module (Deprecatd); 

        **Type:** string

        **Supported Values:** standalone, on-box, auto-svc-discovery

    **export-interval**

        **Description** Configure Baselining and export interval in seconds (DDoS Baselining and export interval in seconds(default: 20))

        **Type:** number

        **Range:** 20-3000

        **Default:** 20

    **full-core-enable**

        **Description** Enable full core

        **Type:** boolean

        **Supported Values:** true, false, 1, 0

        **Default:** 0

    **histogram-de-escalate-percentage**

        **Description** histogram de-escalate sensitivity for DDoS detection

        **Type:** number

        **Range:** 1-100

    **histogram-escalate-percentage**

        **Description** histogram escalate sensitivity for DDoS detection

        **Type:** number

        **Range:** 1-100

    **initial-learning-interval**

        **Description** Initial learning interval (in hours) before processing

        **Type:** number

        **Range:** 1-168

    **notification-debug-log**

        **Description** 'enable': Enable detection notification debug log (default: disabled); 

        **Type:** string

        **Supported Values:** enable

    **pkt-sampling**

        **Description:** pkt-sampling is a **JSON Block**.  Please see below for :ref:`675_pkt-sampling` 

        **Type:** Object

    **standalone-settings**

        **Description:** standalone-settings is a **JSON Block**.  Please see below for :ref:`675_standalone-settings` 

        **Type:** Object

        **Reference Object:** :doc:`/axapi/v3/ddos/detection/settings/standalone-settings <ddos_detection_settings_standalone_settings>`

    **top-k-reset-interval**

        **Description** Configure top-k reset interval

        **Type:** number

        **Range:** 1-60

    **uuid**

        **Description** uuid of the object

        **Type:** string

        **Maximum Length:** 64 characters

        **Maximum Length:** 1 characters

.. _675_standalone-settings:

standalone-settings
^^^^^^^^^^^^^^^^^^^
	=============================== ===================================================
	**Specification**                 **Value**
	=============================== ===================================================
	 **Type**                        *object*

	=============================== ===================================================

    **action**

        **Description** 'enable': Enable standalone detector; 'disable': Disable standalone detector (default); 

        **Type:** string

        **Supported Values:** enable, disable

        **Default:** disable

    **de-escalation-quiet-time**

        **Description** Configure de-escalation needed time in minutes from level 1 to 0.(default 6 minutes)

        **Type:** number

        **Range:** 1-60

    **netflow**

        **Description:** netflow is a **JSON Block**.  Please see below for :ref:`675_standalone-settings_netflow` 

        **Type:** Object

        **Reference Object:** :doc:`/axapi/v3/ddos/detection/settings/standalone-settings/netflow <ddos_detection_settings_standalone_settings_netflow>`

    **sflow**

        **Description:** sflow is a **JSON Block**.  Please see below for :ref:`675_standalone-settings_sflow` 

        **Type:** Object

        **Reference Object:** :doc:`/axapi/v3/ddos/detection/settings/standalone-settings/sflow <ddos_detection_settings_standalone_settings_sflow>`

    **uuid**

        **Description** uuid of the object

        **Type:** string

        **Maximum Length:** 64 characters

        **Maximum Length:** 1 characters

.. _675_standalone-settings_netflow:

standalone-settings_netflow
^^^^^^^^^^^^^^^^^^^^^^^^^^^
	=============================== ===================================================
	**Specification**                 **Value**
	=============================== ===================================================
	 **Type**                        *object*

	=============================== ===================================================

    **listening-port**

        **Description** Netflow port to receive packets (Netflow port number(default 9996))

        **Type:** number

        **Range:** 1-65535

        **Default:** 9996

    **template-active-timeout**

        **Description** Configure active timeout of the netflow templates received in mins (Template active timeout(mins)(default 30mins))

        **Type:** number

        **Range:** 2-300

        **Default:** 30

    **uuid**

        **Description** uuid of the object

        **Type:** string

        **Maximum Length:** 64 characters

        **Maximum Length:** 1 characters

.. _675_standalone-settings_sflow:

standalone-settings_sflow
^^^^^^^^^^^^^^^^^^^^^^^^^
	=============================== ===================================================
	**Specification**                 **Value**
	=============================== ===================================================
	 **Type**                        *object*

	=============================== ===================================================

    **listening-port**

        **Description** sFlow port to receive packets (sFlow port number(default 6343))

        **Type:** number

        **Range:** 1-65535

        **Default:** 6343

    **uuid**

        **Description** uuid of the object

        **Type:** string

        **Maximum Length:** 64 characters

        **Maximum Length:** 1 characters

.. _675_pkt-sampling:

pkt-sampling
^^^^^^^^^^^^
	=============================== ===================================================
	**Specification**                 **Value**
	=============================== ===================================================
	 **Type**                        *object*

	=============================== ===================================================

    **assign-index**

        **Description** Lower index is more aggressive sampling

        **Type:** number

        **Range:** 1-64

    **assign-rate**

        **Description** Assign rate to given index

        **Type:** number

        **Range:** 1-50000000

    **override-rate**

        **Description** Sample 1 in X packets (default: X=1)

        **Type:** number

        **Range:** 1-50000000