Netscout Arbor DDoS Protection
The Netscout Arbor connector facilitates automated interactions with the Netscout Arbor DDoS Protection platform, enabling users to manage alerts and generate reports directly through Swimlane.

Netscout Arbor DDoS Protection is a comprehensive defense solution against distributed denial of service (DDoS) attacks, providing real-time detection and automated mitigation. This connector enables Swimlane Turbine users to integrate with Netscout Arbor's security features: retrieving detailed alert information, generating in-depth reports, and monitoring potential threats through a list of alerts. With these actions available inside Swimlane Turbine, users can enhance their security posture with actionable insights and streamlined incident response, ensuring rapid and effective DDoS threat management.

Prerequisites

To effectively utilize the Netscout Arbor DDoS Protection connector with Swimlane Turbine, ensure you have the following:

API key authentication:

- URL: The endpoint URL for the Netscout Arbor API.
- API Key: A valid API key provided by Netscout Arbor for authentication.

Capabilities

This connector provides the following capabilities:

- Get Alert
- Get Report
- List Alerts

Asset Setup

To use the asset, you must create an API key. To create an API key, follow these steps:

1. Log in to the CLI with your administrator username and password.
2. To create the token, enter `service aaa local apitoken generate` within the CLI. The system responds with:

   username "tokendescription"

   - username = "the name of a valid AED user"
   - tokendescription = "a brief description of the token". This description is appended to the token.
3. To save the configuration, enter `config write` within the CLI.
4. (Optional) Enter the following command to view the generated token. This command identifies each user and the tokens associated with that user: `service aaa local apitoken show`

Configurations

Netscout Arbor API Key Authentication

Authenticates using an API key.

Configuration Parameters

| Parameter | Description | Type | Required |
| --- | --- | --- | --- |
| url | A URL to the target host | string | Required |
| x-arbux-apitoken | API key | string | Required |
| verify_ssl | Verify SSL certificate | boolean | Optional |
| http_proxy | A proxy to route requests through | string | Optional |

Actions

Get Alert

Retrieves detailed information for a specific alert identified by an alert ID in Netscout Arbor DDoS Protection.

Endpoint URL: /api/aed/v2/alerts/{{alert_id}}
Method: GET

Input argument name

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| alert_id | string | Required | Unique alert identifier |

Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

Example

```
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

Get Report

Generates a detailed report from Netscout Arbor based on the specified name, report type, start time, and end time.

Endpoint URL: /api/aed/v2/reports
Method: GET

Input argument name

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| name | string | Required | Name of report requested |
| reporttype | string | Required | Report type |
| starttime | string | Required | Start time of the report requested |
| endtime | string | Required | End time of the report requested |
| recipients | string | Optional | A string-formatted, comma-separated list of recipients |
| params | string | Optional | A JSON-formatted object describing the specified elements of the report |

Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

Example

```
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

List Alerts

Retrieves a list of all alerts from Netscout Arbor DDoS Protection to monitor and analyze potential threats.

Endpoint URL: /api/aed/v2/alerts
Method: GET

Input argument name

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| type | string | Optional | The alert type |
| title | string | Optional | Name of the alert |
| description | string | Optional | Description of the alert |
| severity | string | Optional | Severity of the alert |
| starttime | string | Optional | Start time for the alert |
| endtime | string | Optional | End time for the alert |
| status | string | Optional | Status of the alerts (all, active, inactive) |
| pgid | string | Optional | Protection group identifier |
| pgname | string | Optional | Protection group name |
| q | string | Optional | List of (+) delimited search strings |
| select | string | Optional | List of (,) delimited filter strings |
| sort | string | Optional | Key used to sort results |
| direction | string | Optional | The direction results are sorted (asc or desc) |
| limit | number | Optional | Parameter for list alerts |
| page | number | Optional | Parameter for list alerts |

Output

| Parameter | Type | Description |
| --- | --- | --- |
| status_code | number | HTTP status code of the response |
| reason | string | Response reason phrase |

Example

```
[
  {
    "status_code": 200,
    "response_headers": {},
    "reason": "OK",
    "json_body": {}
  }
]
```

Notes

To access your API notes, follow this link: https://{your host information}/api/aed/doc/v2/endpoints.html

This connector was developed against product version 6.1.
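The following is an added example, not code from the connector or from Netscout: a small Python client that builds the Get Alert and List Alerts requests described above while enforcing HTTPS, validating the enumerated filters, and percent-encoding the alert ID. The header spelling `X-Arbux-APIToken` is an assumed hyphenation of the page's token parameter, and the host and token values are constructed.

```python
import json
import ssl
import urllib.parse
import urllib.request

ALERTS_PATH = "/api/aed/v2/alerts"   # endpoint path from the page
TOKEN_HEADER = "X-Arbux-APIToken"    # assumption: hyphenated form of the page's token parameter
ALLOWED = {"status": {"all", "active", "inactive"}, "direction": {"asc", "desc"}}


def build_alert_request(base_url, api_token, alert_id=None, **filters):
    """Build a GET request for List Alerts, or for Get Alert when alert_id is given."""
    parts = urllib.parse.urlsplit(base_url)
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("base_url must be https:// so the token is never sent in clear text")
    for key, allowed in ALLOWED.items():
        if key in filters and filters[key] not in allowed:
            raise ValueError(f"{key} must be one of {sorted(allowed)}")
    path = ALERTS_PATH
    if alert_id is not None:
        # Percent-encode the ID so a value such as "../reports" cannot change the path.
        path += "/" + urllib.parse.quote(str(alert_id), safe="")
    query = urllib.parse.urlencode({k: v for k, v in filters.items() if v is not None})
    url = urllib.parse.urlunsplit(("https", parts.netloc, path, query, ""))
    headers = {TOKEN_HEADER: api_token, "Accept": "application/json"}
    return urllib.request.Request(url, method="GET", headers=headers)


def fetch(request, timeout=10):
    """Send the request with certificate verification on (the asset's verify SSL option)."""
    context = ssl.create_default_context()  # verifies the certificate chain and hostname
    with urllib.request.urlopen(request, timeout=timeout, context=context) as resp:
        # Return the same fields the connector's output tables list.
        return {"status_code": resp.status, "reason": resp.reason,
                "json_body": json.loads(resp.read() or b"{}")}


if __name__ == "__main__":
    # Constructed host and token, for illustration only.
    req = build_alert_request("https://aed.example.com", "CONSTRUCTED-TOKEN",
                              status="active", direction="desc", limit=25)
    print(req.full_url)
```

Load the token from a secrets store or environment variable rather than source code, and keep request headers out of debug logs, since the token is the only credential the API checks.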