Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Create a Report with the Forensics API

  1. Last updated
  2. Save as PDF

You can use the Forensics API to create a report that includes data on processing web requests.

  1. Log on to the Forensics API.

    To log on, you must provide a URL with a country or region prefix to indicate where you log on. It also includes
    logapi.skyhigh.cloud as the domain name and your customer ID.

    Example: us.logapi.skyhigh.cloud/mwg/api/reporting/forensic/<customer ID>

    Use the customer ID you received when you purchased the product, but leave out the initial c before the string of numbers, for example, 1234567890. For more details about customer ID, see Proxy and Customer ID.

    Prefixes can be used here as follows:

    ae — United Arab Emirates
    au — Australia
    ca — Canada   
    de — Germany
    eu— Europe
    gb — United Kingdom
    in  — India
    sa — Kingdom of Saudi Arabia
    sg — Singapore
    us — United States (North America)

  2. Enter a command to download data for your report. The Forensic API only provides raw logs, which are referred to as Reports when downloaded.

    Use an HTTP client tool for this, such as curl or wget. Include required and optional parameters as needed. Important required parameters are:

  • Version header — Depending on this header, different combination of data fields, for example, user_id, source_ip, and http_action, can be downloaded for reporting.

    For a list of all available version headers with their data fields, see Reporting Fields.

  • Timestamp filters — Specify the time range during which data is downloaded

    For more information about these filters, see Reporting Filters and Reporting Timestamp.

A complete download command looks like this:

curl --insecure --verbose --header 'Accept: text/csv' --header 'x-mwg-api-version: 3' --compressed
--user <user name>:<password> https://logapi.skyhigh.cloud/mwg/api/reporting/forensic/12345678
?filter.requestTimestampFrom=1527279524&filter.requestTimestampTo=1527283124&order.0.requestTimestamp=asc

Depending on the HTTP client tool that you are using, you may have to escape the & (ampersand) character by a preceding \ (backslash) to run the command properly. Use \& instead of simply & then.

For more information about this command and its output, see Reporting Examples

When the report has been run, you can review and analyze the downloaded data.

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
  2. Tags
    This page has no tags.