Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Create a Report with the Forensics API

  1. Last updated
  2. Save as PDF

You can use the Forensics API to create a report that includes data on processing web requests.

  1. Log on to the Forensics API.

    To log on, you must provide a URL with a country or region prefix to indicate where you log on. It also includes
    logapi.skyhigh.cloud as the domain name and your customer ID.

    Example: us.logapi.skyhigh.cloud/mwg/api/reporting/forensic/<customer ID>

    Use the customer ID here that you received when you purchased the product, but leave out the initial c before the string of numbers, for example, 1234567890.

    Prefixes can be used here as follows:

    ae — United Arab Emirates
    au — Australia
    ca — Canada   
    de — Germany (Europe)
    gb — United Kingdom
    in  — India
    sa — Kingdom of Saudi Arabia
    sg — Singapore
    us — United States (North America)

  2. Enter a command to download data for your report.

    Use an HTTP client tool for this, such as curl or wget. Include required and optional parameters as needed. Important required parameters are:

  • Version header — Depending on his header, different combination of data fields, for example, user_id, source_ip, and http_action, can be downloaded for reporting.

    For a list of all available version headers with their data fields, see Reporting Fields.

  • Timestamp filters — Specify the time range during which data is downloaded

    For more information about these filters, see Reporting Filters and Reporting Timestamp.

A complete download command looks like this:

curl --insecure --verbose --header 'Accept: text/csv' --header 'x-mwg-api-version: 3' --compressed
--user <user name>:<password> https://logapi.skyhigh.cloud/mwg/api/reporting/forensic/12345678
?filter.requestTimestampFrom=1527279524&filter.requestTimestampTo=1527283124&order.0.requestTimestamp=asc

Depending on the HTTP client tool that you are using, you may have to escape the & (ampersand) character by a preceding \ (backslash) to run the command properly. Use \& instead of simply & then.

For more information about this command and the output it returns, see Reporting Examples

When the report has been run, you can review the downloaded data and analyze them.

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    This page has no tags.