ddos detection settings¶
Configure ddos detection settings
settings Specification¶
Parameter Value Type Configuration Resource Element Name settings Element URI /axapi/v3/ddos/detection/settings Element Attributes settings_attributes Partition Visibility shared Schema settings schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Create Object | POST | /axapi/v3/ddos/detection/settings | ||
Get Object | GET | /axapi/v3/ddos/detection/settings | ||
Modify Object | POST | /axapi/v3/ddos/detection/settings | ||
Replace Object | PUT | /axapi/v3/ddos/detection/settings | ||
Delete Object | DELETE | /axapi/v3/ddos/detection/settings | ||
settings attributes¶
ctrl-cpu-usage
Description Control cpu usage threshold for DDoS detection
Type: number
Range: 1-100
de-escalation-quiet-time
Description Configure de-escalation needed time in minutes from level 1 to 0.(default 1 minutes)
Type: number
Range: 1-60
dedicated-cpus
Description Configure the number of dedicated cores for detection
Type: number
Range: 1-32
detection-window-size
Description Configure detection window size in seconds (DDoS detection window size in seconds(default: 1))
Type: number
Range: 1-60
Default: 1
detector-mode
Description ‘standalone’: Standalone detector; ‘on-box’: Mitigator and Detector on the same box; ‘auto-svc-discovery’: Auto Service discovery using Visibility module (Deprecatd);
Type: string
Supported Values: standalone, on-box, auto-svc-discovery
entry-saving
Description: entry-saving is a JSON Block. Please see below for entry-saving
Type: Object
Reference Object: /axapi/v3/ddos/detection/settings/entry-saving
export-interval
Description Configure Baselining and export interval in seconds (DDoS Baselining and export interval in seconds(default: 20))
Type: number
Range: 20-3000
Default: 20
full-core-enable
Description Enable full core
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
histogram-de-escalate-percentage
Description histogram de-escalate sensitivity for DDoS detection
Type: number
Range: 1-100
histogram-escalate-percentage
Description histogram escalate sensitivity for DDoS detection
Type: number
Range: 1-100
initial-learning-interval
Description Initial learning interval (in hours) before processing
Type: number
Range: 1-168
network-object-flooding-multiple
Description multiplier for flooding detection threshold in network objects (default 2x threshold)
Type: number
Range: 2-10
Default: 2
network-object-window-size
Description ‘5’: 5 seconds; ‘10’: 10 seconds; ‘15’: 15 seconds; ‘30’: 30 seconds; (DDoS detection window size in seconds(default: 30))
Type: string
Supported Values: 5, 10, 15, 30
Default: 30
notification-debug-log
Description ‘enable’: Enable detection notification debug log (default: disabled);
Type: string
Supported Values: enable
pkt-sampling
Description: pkt-sampling is a JSON Block. Please see below for pkt-sampling
Type: Object
standalone-settings
Description: standalone-settings is a JSON Block. Please see below for standalone-settings
Type: Object
Reference Object: /axapi/v3/ddos/detection/settings/standalone-settings
top-k-reset-interval
Description Configure top-k reset interval
Type: number
Range: 1-60
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
entry-saving¶
Specification Value Type object interval
Description Configure periodical auto-saving interval in minutes(default: 0) and 0 to disable.
Type: number
Range: 0-1440
Default: 0
manual-restore
Description Manually restore network-object-based detection entries and learned indicators
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
manual-save
Description Manually save network-object-based detection entries and learned indicators
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
standalone-settings¶
Specification Value Type object action
Description ‘enable’: Enable standalone detector; ‘disable’: Disable standalone detector (default);
Type: string
Supported Values: enable, disable
Default: disable
de-escalation-quiet-time
Description Configure de-escalation needed time in minutes from level 1 to 0.(default 6 minutes)
Type: number
Range: 1-60
netflow
Description: netflow is a JSON Block. Please see below for standalone-settings_netflow
Type: Object
Reference Object: /axapi/v3/ddos/detection/settings/standalone-settings/netflow
sflow
Description: sflow is a JSON Block. Please see below for standalone-settings_sflow
Type: Object
Reference Object: /axapi/v3/ddos/detection/settings/standalone-settings/sflow
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
standalone-settings_netflow¶
Specification Value Type object listening-port
Description Netflow port to receive packets (Netflow port number(default 9996))
Type: number
Range: 1-65535
Default: 9996
template-active-timeout
Description Configure active timeout of the netflow templates received in mins (Template active timeout(mins)(default 30mins))
Type: number
Range: 2-300
Default: 30
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
standalone-settings_sflow¶
Specification Value Type object listening-port
Description sFlow port to receive packets (sFlow port number(default 6343))
Type: number
Range: 1-65535
Default: 6343
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
pkt-sampling¶
Specification Value Type object assign-index
Description Lower index is more aggressive sampling
Type: number
Range: 1-64
assign-rate
Description Assign rate to given index
Type: number
Range: 1-50000000
override-rate
Description Sample 1 in X packets (default: X=1)
Type: number
Range: 1-50000000