.. _ddos_detection_settings: ddos detection settings ======================= Configure ddos detection settings settings Specification ---------------------- ===================================== ================================================================ **Parameter** **Value** ===================================== ================================================================ **Type** *Configuration Resource* **Element Name** settings **Element URI** /axapi/v3/ddos/detection/settings **Element Attributes** settings_attributes **Partition Visibility** shared **Schema** :download:`settings schema ` ===================================== ================================================================ **Operations Allowed:** .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html
OperationMethodURIPayload
Create Object .. raw:: html POST .. raw:: html /axapi/v3/ddos/detection/settings .. raw:: html :ref:`676_settings_attributes` .. raw:: html
Get Object .. raw:: html GET .. raw:: html /axapi/v3/ddos/detection/settings .. raw:: html :ref:`676_settings_attributes` .. raw:: html
Modify Object .. raw:: html POST .. raw:: html /axapi/v3/ddos/detection/settings .. raw:: html :ref:`676_settings_attributes` .. raw:: html
Replace Object .. raw:: html PUT .. raw:: html /axapi/v3/ddos/detection/settings .. raw:: html :ref:`676_settings_attributes` .. raw:: html
Delete Object .. raw:: html DELETE .. raw:: html /axapi/v3/ddos/detection/settings .. raw:: html :ref:`676_settings_attributes` .. raw:: html
.. _676_settings_attributes: settings attributes ------------------- **ctrl-cpu-usage** **Description** Control cpu usage threshold for DDoS detection **Type:** number **Range:** 1-100 **de-escalation-quiet-time** **Description** Configure de-escalation needed time in minutes from level 1 to 0.(default 1 minutes) **Type:** number **Range:** 1-60 **dedicated-cpus** **Description** Configure the number of dedicated cores for detection **Type:** number **Range:** 1-32 **detection-window-size** **Description** Configure detection window size in seconds (DDoS detection window size in seconds(default: 1)) **Type:** number **Range:** 1-60 **Default:** 1 **detector-mode** **Description** 'standalone': Standalone detector; 'on-box': Mitigator and Detector on the same box; 'auto-svc-discovery': Auto Service discovery using Visibility module (Deprecatd); **Type:** string **Supported Values:** standalone, on-box, auto-svc-discovery **entry-saving** **Description:** entry-saving is a **JSON Block**. Please see below for :ref:`676_entry-saving` **Type:** Object **Reference Object:** :doc:`/axapi/v3/ddos/detection/settings/entry-saving ` **export-interval** **Description** Configure Baselining and export interval in seconds (DDoS Baselining and export interval in seconds(default: 20)) **Type:** number **Range:** 20-3000 **Default:** 20 **full-core-enable** **Description** Enable full core **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **histogram-de-escalate-percentage** **Description** histogram de-escalate sensitivity for DDoS detection **Type:** number **Range:** 1-100 **histogram-escalate-percentage** **Description** histogram escalate sensitivity for DDoS detection **Type:** number **Range:** 1-100 **initial-learning-interval** **Description** Initial learning interval (in hours) before processing **Type:** number **Range:** 1-168 **network-object-flooding-multiple** **Description** multiplier for flooding detection threshold in network objects (default 2x threshold) **Type:** number **Range:** 2-10 **Default:** 2 **network-object-window-size** **Description** '5': 5 seconds; '10': 10 seconds; '15': 15 seconds; '30': 30 seconds; (DDoS detection window size in seconds(default: 30)) **Type:** string **Supported Values:** 5, 10, 15, 30 **Default:** 30 **notification-debug-log** **Description** 'enable': Enable detection notification debug log (default: disabled); **Type:** string **Supported Values:** enable **pkt-sampling** **Description:** pkt-sampling is a **JSON Block**. Please see below for :ref:`676_pkt-sampling` **Type:** Object **standalone-settings** **Description:** standalone-settings is a **JSON Block**. Please see below for :ref:`676_standalone-settings` **Type:** Object **Reference Object:** :doc:`/axapi/v3/ddos/detection/settings/standalone-settings ` **top-k-reset-interval** **Description** Configure top-k reset interval **Type:** number **Range:** 1-60 **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _676_entry-saving: entry-saving ^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **interval** **Description** Configure periodical auto-saving interval in minutes(default: 0) and 0 to disable. **Type:** number **Range:** 0-1440 **Default:** 0 **manual-restore** **Description** Manually restore network-object-based detection entries and learned indicators **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **manual-save** **Description** Manually save network-object-based detection entries and learned indicators **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _676_standalone-settings: standalone-settings ^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **action** **Description** 'enable': Enable standalone detector; 'disable': Disable standalone detector (default); **Type:** string **Supported Values:** enable, disable **Default:** disable **de-escalation-quiet-time** **Description** Configure de-escalation needed time in minutes from level 1 to 0.(default 6 minutes) **Type:** number **Range:** 1-60 **netflow** **Description:** netflow is a **JSON Block**. Please see below for :ref:`676_standalone-settings_netflow` **Type:** Object **Reference Object:** :doc:`/axapi/v3/ddos/detection/settings/standalone-settings/netflow ` **sflow** **Description:** sflow is a **JSON Block**. Please see below for :ref:`676_standalone-settings_sflow` **Type:** Object **Reference Object:** :doc:`/axapi/v3/ddos/detection/settings/standalone-settings/sflow ` **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _676_standalone-settings_netflow: standalone-settings_netflow ^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **listening-port** **Description** Netflow port to receive packets (Netflow port number(default 9996)) **Type:** number **Range:** 1-65535 **Default:** 9996 **template-active-timeout** **Description** Configure active timeout of the netflow templates received in mins (Template active timeout(mins)(default 30mins)) **Type:** number **Range:** 2-300 **Default:** 30 **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _676_standalone-settings_sflow: standalone-settings_sflow ^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **listening-port** **Description** sFlow port to receive packets (sFlow port number(default 6343)) **Type:** number **Range:** 1-65535 **Default:** 6343 **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _676_pkt-sampling: pkt-sampling ^^^^^^^^^^^^ =============================== =================================================== **Specification** **Value** =============================== =================================================== **Type** *object* =============================== =================================================== **assign-index** **Description** Lower index is more aggressive sampling **Type:** number **Range:** 1-64 **assign-rate** **Description** Assign rate to given index **Type:** number **Range:** 1-50000000 **override-rate** **Description** Sample 1 in X packets (default: X=1) **Type:** number **Range:** 1-50000000