Skip to content

API

Jump to bottom
Dhiren Serai edited this page Jun 7, 2019 · 48 revisions

API Actions

By using this switch, you will start the API server without any authentication required! to enable the authentication, set api_access_without_key as True in config.py. the authentication key must send as parameter key in every request (could be set as Cookie, GET, POST). after you run the API server, a simple WebUI is also available to use (index.html). It shows a few graphs using the API with JQuery and etc...

  • All parameters could be sent in GET, POST or Cookie as well.
  • limit parameter default value is 10, if you want to set it as unlimited, set it as 0
  • skip parameter default value is 0

Actions

GET Count All Events

http://127.0.0.1:5000/api/events/count-all-events
{"count_all_events":416435}

GET Count All Events By Date

http://127.0.0.1:5000/api/events/count-all-events?date=2019-05-07
{"count_all_events_by_date":65925,"date":["2019-05-07 00:00:00","2019-05-07 23:59:59"]}

GET Count All Honeypot Events

http://127.0.0.1:5000/api/events/count-honeypot-events
{"count_honeypot_events":3330}

GET Count All Honeypot Events by Date

http://127.0.0.1:5000/api/events/count-honeypot-events?date=2019-05-07
{"count_honeypot_events_by_date":190,"date":["2019-05-07 00:00:00","2019-05-07 23:59:59"]}

GET Count All Netowork Events

http://127.0.0.1:5000/api/events/count-network-events
{"count_network_events":413105}

GET Count All Network Events by Date

http://127.0.0.1:5000/api/events/count-network-events?date=2019-05-07
{"count_network_events_by_date":65735,"date":["2019-05-07 00:00:00","2019-05-07 23:59:59"]}

Date Types

Type 1

http://127.0.0.1:5000/api/events/count-network-events?date=2019-05-07
{"count_network_events_by_date":65735,"date":["2019-05-07 00:00:00","2019-05-07 23:59:59"]}

Type 2

http://127.0.0.1:5000/api/events/count-network-events?date=2019-04-07|2019-05-07
{"count_network_events_by_date":65735,"date":["2019-04-07 00:00:00","2019-05-07 23:59:59"]}

Type 3

http://127.0.0.1:5000/api/events/count-network-events?date=2019-04-07 10:00:00
{"count_network_events_by_date":0,"date":["2019-04-07 10:00:00","2019-04-07 23:59:59"]}

Type 4

http://127.0.0.1:5000/api/events/count-network-events?date=2019-04-07 10:00:00|2019-05-07 12:00:00
{"count_network_events_by_date":65735,"date":["2019-04-07 10:00:00","2019-05-07 12:00:00"]}

GET Top IPs Repeated in Honeypot Events

http://127.0.0.1:5000/api/events/honeypot-events-ips
[{"_id":{"country":"-","ip":"192.168.0.102"},"count":3330}]

http://127.0.0.1:5000/api/events/honeypot-events-ips?date=2019-05-07
[{"_id":{"country":"-","ip":"192.168.0.102"},"count":190}]

http://127.0.0.1:5000/api/events/honeypot-events-ips?date=2019-05-07&country=DE
[{"_id":{"country":"DE","ip":"192.168.0.102"},"count":190}]

http://127.0.0.1:5000/api/events/honeypot-events-ips?country=DE
[{"_id":{"country":"DE","ip":"192.168.0.102"},"count":3330}]

GET Top IPs Repeated in Network Events

http://127.0.0.1:5000/api/events/network-events-ips
[{"_id":{"country":"-","ip":"192.168.0.102"},"count":251050},{"_id":{"country":"DE","ip":"129.143.66.13"},"count":27175},{"_id":{"country":"DE","ip":"129.143.66.12"},"count":16964},{"_id":{"country":"DE","ip":"129.143.66.14"},"count":15515},{"_id":{"country":"US","ip":"104.27.69.56"},"count":13883},{"_id":{"country":"DE","ip":"31.13.92.52"},"count":6121},{"_id":{"country":"DE","ip":"185.60.216.53"},"count":4123},{"_id":{"country":"US","ip":"172.217.18.14"},"count":3188},{"_id":{"country":"US","ip":"216.58.205.228"},"count":2743},{"_id":{"country":"US","ip":"173.194.164.155"},"count":2679}]

http://127.0.0.1:5000/api/events/network-events-ips?date=2019-05-07
[{"_id":{"country":"-","ip":"192.168.0.102"},"count":42318},{"_id":{"country":"US","ip":"104.27.69.56"},"count":13883},{"_id":{"country":"US","ip":"173.194.164.155"},"count":2679},{"_id":{"country":"DE","ip":"129.143.66.12"},"count":1296},{"_id":{"country":"US","ip":"216.58.206.14"},"count":898},{"_id":{"country":"US","ip":"172.217.18.164"},"count":694},{"_id":{"country":"DE","ip":"129.143.66.13"},"count":637},{"_id":{"country":"US","ip":"151.101.193.69"},"count":257},{"_id":{"country":"US","ip":"104.16.26.34"},"count":256},{"_id":{"country":"US","ip":"216.58.208.34"},"count":197}]

http://127.0.0.1:5000/api/events/network-events-ips?date=2019-05-07&country=DE
[{"_id":{"country":"DE","ip":"129.143.66.12"},"count":1296},{"_id":{"country":"DE","ip":"129.143.66.13"},"count":637},{"_id":{"country":"DE","ip":"23.38.53.224"},"count":80},{"_id":{"country":"DE","ip":"31.13.92.14"},"count":41},{"_id":{"country":"DE","ip":"54.192.203.172"},"count":34},{"_id":{"country":"DE","ip":"104.109.56.111"},"count":31},{"_id":{"country":"DE","ip":"185.60.216.15"},"count":23},{"_id":{"country":"DE","ip":"52.29.21.152"},"count":21},{"_id":{"country":"DE","ip":"54.192.202.206"},"count":20},{"_id":{"country":"DE","ip":"185.59.220.29"},"count":20}]

http://127.0.0.1:5000/api/events/honeypot-events-ips?date=2019-05-07
[{"_id":{"country":"-","ip":"192.168.0.102"},"count":190}]

http://127.0.0.1:5000/api/events/honeypot-events-ips?date=2019-05-07&country=DE
[{"_id":{"country":"DE","ip":"192.168.0.102"},"count":190}]

http://127.0.0.1:5000/api/events/network-events-ips?country=DE
[{"_id":{"country":"DE","ip":"129.143.66.13"},"count":27175},{"_id":{"country":"DE","ip":"129.143.66.12"},"count":16964},{"_id":{"country":"DE","ip":"129.143.66.14"},"count":15515},{"_id":{"country":"DE","ip":"31.13.92.52"},"count":6121},{"_id":{"country":"DE","ip":"185.60.216.53"},"count":4123},{"_id":{"country":"DE","ip":"104.111.215.135"},"count":877},{"_id":{"country":"DE","ip":"69.173.144.143"},"count":766},{"_id":{"country":"DE","ip":"52.59.128.192"},"count":638},{"_id":{"country":"DE","ip":"37.252.173.22"},"count":588},{"_id":{"country":"DE","ip":"37.252.173.27"},"count":574}]

Or you can change the limit (default: 10) and/or skip (default: 0) in ALL Array-Based Results actions.

http://127.0.0.1:5000/api/events/network-events-ips?limit=1
[{"_id":{"country":"DE","ip":"192.168.0.102"},"count":251050}]


http://127.0.0.1:5000/api/events/network-events-ips?limit=1&skip=1
[{"_id":{"country":"DE","ip":"129.143.66.13"},"count":27175}]

http://127.0.0.1:5000/api/events/network-events-ips?limit=2&skip=5
[{"_id":{"country":"DE","ip":"31.13.92.52"},"count":6121},{"_id":{"country":"DE","ip":"185.60.216.53"},"count":4123}]

GET Top Ports Repeated in Honeypot Events

http://127.0.0.1:5000/api/events/honeypot-events-ports
[{"_id":{"country":"DE","port":80},"count":3300},{"_id":{"country":"DE","port":22},"count":30}]

http://127.0.0.1:5000/api/events/honeypot-events-ports?date=2019-05-07
[{"_id":{"country":"DE","port":80},"count":190}]

http://127.0.0.1:5000/api/events/honeypot-events-ports?date=2019-05-07&country=DE
[{"_id":{"country":"DE","port":80},"count":190}]

http://127.0.0.1:5000/api/events/honeypot-events-ports?country=DE
[{"_id":{"country":"DE","port":80},"count":3300},{"_id":{"country":"DE","port":22},"count":30}]

GET Top Ports Repeated in Network Events

http://127.0.0.1:5000/api/events/network-events-ports
[{"_id":{"country":"-","port":443},"count":250720},{"_id":{"country":"US","port":52692},"count":13871},{"_id":{"country":"DE","port":45142},"count":9941},{"_id":{"country":"DE","port":51092},"count":5930},{"_id":{"country":"DE","port":50898},"count":4801},{"_id":{"country":"DE","port":51012},"count":4635},{"_id":{"country":"DE","port":52034},"count":4002},{"_id":{"country":"DE","port":32898},"count":3632},{"_id":{"country":"DE","port":36110},"count":3503},{"_id":{"country":"DE","port":50718},"count":3341}]

http://127.0.0.1:5000/api/events/network-events-ports?date=2019-05-07
[{"_id":{"country":"-","port":443},"count":42318},{"_id":{"country":"US","port":52692},"count":13871},{"_id":{"country":"US","port":33662},"count":1274},{"_id":{"country":"DE","port":58576},"count":1208},{"_id":{"country":"US","port":57896},"count":887},{"_id":{"country":"US","port":33700},"count":728},{"_id":{"country":"US","port":33702},"count":677},{"_id":{"country":"US","port":59398},"count":555},{"_id":{"country":"DE","port":58556},"count":352},{"_id":{"country":"DE","port":58554},"count":285}]

http://127.0.0.1:5000/api/events/network-events-ports?date=2019-05-07&country=US
[{"_id":{"country":"US","port":52692},"count":13871},{"_id":{"country":"US","port":33662},"count":1274},{"_id":{"country":"US","port":57896},"count":887},{"_id":{"country":"US","port":33700},"count":728},{"_id":{"country":"US","port":33702},"count":677},{"_id":{"country":"US","port":59398},"count":555},{"_id":{"country":"US","port":37152},"count":242},{"_id":{"country":"US","port":50882},"count":204},{"_id":{"country":"US","port":59442},"count":139},{"_id":{"country":"US","port":44738},"count":101}]

http://127.0.0.1:5000/api/events/network-events-ports?country=US
[{"_id":{"country":"US","port":52692},"count":13871},{"_id":{"country":"US","port":41636},"count":3188},{"_id":{"country":"US","port":38320},"count":1924},{"_id":{"country":"US","port":33662},"count":1274},{"_id":{"country":"US","port":33308},"count":1060},{"_id":{"country":"US","port":45792},"count":1004},{"_id":{"country":"US","port":57896},"count":887},{"_id":{"country":"US","port":46668},"count":873},{"_id":{"country":"US","port":40872},"count":813},{"_id":{"country":"US","port":52204},"count":808}]

GET Honeypot Events

http://127.0.0.1:5000/api/events/honeypot-events
[{"country":"DE","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","module_name":"http/basic_auth_weak_password","port":80},{"country":"DE","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","module_name":"http/basic_auth_weak_password","port":80},{"country":"DE","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","module_name":"http/basic_auth_weak_password","port":80},{"country":"DE","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","module_name":"http/basic_auth_weak_password","port":80},{"country":"DE","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","module_name":"http/basic_auth_weak_password","port":80},{"country":"DE","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","module_name":"http/basic_auth_weak_password","port":80},{"country":"DE","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","module_name":"http/basic_auth_weak_password","port":80},{"country":"DE","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","module_name":"http/basic_auth_weak_password","port":80},{"country":"DE","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","module_name":"http/basic_auth_weak_password","port":80},{"country":"DE","date":"2019-05-07 11:51:13","ip":"192.168.0.102","machine_name":"stockholm_server_1","module_name":"http/basic_auth_weak_password","port":80}]

http://127.0.0.1:5000/api/events/honeypot-events?date=2019-05-07
[{"country":"DE","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","module_name":"http/basic_auth_weak_password","port":80},{"country":"DE","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","module_name":"http/basic_auth_weak_password","port":80},{"country":"DE","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","module_name":"http/basic_auth_weak_password","port":80},{"country":"DE","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","module_name":"http/basic_auth_weak_password","port":80},{"country":"DE","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","module_name":"http/basic_auth_weak_password","port":80},{"country":"DE","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","module_name":"http/basic_auth_weak_password","port":80},{"country":"DE","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","module_name":"http/basic_auth_weak_password","port":80},{"country":"DE","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","module_name":"http/basic_auth_weak_password","port":80},{"country":"DE","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","module_name":"http/basic_auth_weak_password","port":80},{"country":"DE","date":"2019-05-07 11:51:13","ip":"192.168.0.102","machine_name":"stockholm_server_1","module_name":"http/basic_auth_weak_password","port":80}]

GET Network Events

http://127.0.0.1:5000/api/events/network-events
[{"country":"US","date":"2019-05-07 11:50:36","ip":"35.164.130.113","machine_name":"stockholm_server_1","port":51834},{"country":"-","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","port":443},{"country":"US","date":"2019-05-07 11:51:12","ip":"104.18.73.113","machine_name":"stockholm_server_1","port":37532},{"country":"US","date":"2019-05-07 11:51:12","ip":"104.16.54.111","machine_name":"stockholm_server_1","port":42142},{"country":"US","date":"2019-05-07 11:51:12","ip":"104.16.54.111","machine_name":"stockholm_server_1","port":42140},{"country":"-","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","port":443},{"country":"US","date":"2019-05-07 11:51:12","ip":"104.16.54.111","machine_name":"stockholm_server_1","port":42142},{"country":"-","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","port":443},{"country":"US","date":"2019-05-07 11:51:12","ip":"104.18.73.113","machine_name":"stockholm_server_1","port":37532},{"country":"-","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","port":443}]

http://127.0.0.1:5000/api/events/network-events?date=2019-05-07
[{"country":"US","date":"2019-05-07 11:50:36","ip":"35.164.130.113","machine_name":"stockholm_server_1","port":51834},{"country":"-","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","port":443},{"country":"US","date":"2019-05-07 11:51:12","ip":"104.18.73.113","machine_name":"stockholm_server_1","port":37532},{"country":"US","date":"2019-05-07 11:51:12","ip":"104.16.54.111","machine_name":"stockholm_server_1","port":42142},{"country":"US","date":"2019-05-07 11:51:12","ip":"104.16.54.111","machine_name":"stockholm_server_1","port":42140},{"country":"-","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","port":443},{"country":"US","date":"2019-05-07 11:51:12","ip":"104.16.54.111","machine_name":"stockholm_server_1","port":42142},{"country":"-","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","port":443},{"country":"US","date":"2019-05-07 11:51:12","ip":"104.18.73.113","machine_name":"stockholm_server_1","port":37532},{"country":"-","date":"2019-05-07 11:51:12","ip":"192.168.0.102","machine_name":"stockholm_server_1","port":443}]

#### `GET` Top Countries Repeated in Honeypot Events
```json
http://127.0.0.1:5000/api/events/honeypot-events-countries
[{"_id":"DE","count":82107}]

http://127.0.0.1:5000/api/events/honeypot-events-countries?date=2019-05-07
[{"_id":"US","count":20733},{"_id":"DE","count":2284}]

GET Top Countries Repeated in Network Events

http://127.0.0.1:5000/api/events/network-events-countries
[{"_id":"DE","count":83107},{"_id":"US","count":67200},{"_id":"NL","count":4994},{"_id":"IE","count":3824},{"_id":"GB","count":2338},{"_id":"FR","count":419},{"_id":"DK","count":319},{"_id":"BS","count":153},{"_id":"SE","count":91},{"_id":"CA","count":82}]

http://127.0.0.1:5000/api/events/network-events-countries?date=2019-05-07
[{"_id":"US","count":20833},{"_id":"DE","count":2254},{"_id":"GB","count":297},{"_id":"NL","count":82},{"_id":"IE","count":21}]

GET Top Machine Names Repeated in Network Events

http://127.0.0.1:5000/api/events/honeypot-events-machinenames
[{"_id":{"machine_name":"stockholm_server_1"},"count":3330}]

http://127.0.0.1:5000/api/events/honeypot-events-machinenames?date=2019-05-07
[{"_id":{"machine_name":"stockholm_server_1"},"count":190}]

GET Top Machine Names Repeated in Honeypot Events

http://127.0.0.1:5000/api/events/network-events-machinenames
[{"_id":{"machine_name":"stockholm_server_1"},"count":413105}]

http://127.0.0.1:5000/api/events/network-events-machinenames?date=2019-05-07
[{"_id":{"machine_name":"stockholm_server_1"},"count":65735}]

OWASP Honeypot's Wiki

Manuals

Miscellaneous

Clone this wiki locally