This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Different traffic rate for API Proxy and Developer Apps

Posted on 11-26-2015 02:06 AM
Not applicable
Reply posted on --/--/---- --:-- AM

So here is the situation. I have an API Proxy which shows nearly 50k API calls daily in the preview. But my sum of API calls from total developer apps is less than 15k. So is there an security issue in the API? The Key parameter is provided, so one without knowing that cannot access the APIs. Then why the difference in API calls.

Solved Solved
0 9 401
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
mschreuder
Staff
Reply posted on --/--/---- --:-- AM

@Arun Babu Here's a quick guide to setting up a custom report that might help you drill down further.

On the top menu of Apigee Enterprise click Analytics and then Reports

Next click the + Custom Report button

Give your new custom report a name, make your choice of bar or line (data is same, just changes how it is shown)

For Metric: choose Traffic

Next, click + Dimension

Set the dimension to Developer App

Click + Dimension again

Now pick what other dimension you want to see further. You might want to look at dimensions like Proxy, Client IP Address, Access Token, etc. I suggest experiment here to decide on what is most useful. You can add more than two dimensions if you want to, which will give you additional levels

Save the report so it will run, you will see a report with a graph and a table showing the results per Developer App, including "(not set)". You can click on a Developer App in the list and that will take you to the breakdown by whatever second dimension you picked.

More info on creating custom reports is available here:

View solution in original post

Jump to Solution
9 REPLIES 9

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

Hi Arun,

Can you specify your org and env name so that I can take a look ? I have enabled "viewable by moderators and original poster" in this comment. While answering please use the same.

Thanks,

Sanjoy

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Not applicable
In response to
Reply posted on --/--/---- --:-- AM

Hi @Sanjoy Bose

My org is "datayuge" and env is "prod" . Please help me to sort out the issue ASAP.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
mschreuder
Staff
Reply posted on --/--/---- --:-- AM

Hi @Arun Babu

One thing to check is whether there is traffic for a "not set" developer app. If that is the case, you should see it on the Developer Apps dashboard: 

https://enterprise.apigee.com/platform/#/{orgname}/apps-analytics

Below is an example:

1565-20151126-apps-analytics.png

This page provides a bit more detail for reasons why you might get "not set". You can also use custom reports to drill down further into where the traffic is coming from and what APIs it is hitting.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

Hi @mschreuder

It seems like that's the wired reason am getting the above mismatch in API traffic. So where can I get the details of this "(not set)" API hits? Can I find the originating IP and block that? Am attaching a screenshot of the same. Kindly help me to sort out this issue.

1566-capture.png

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
mschreuder
Staff
Reply posted on --/--/---- --:-- AM

@Arun Babu Here's a quick guide to setting up a custom report that might help you drill down further.

On the top menu of Apigee Enterprise click Analytics and then Reports

Next click the + Custom Report button

Give your new custom report a name, make your choice of bar or line (data is same, just changes how it is shown)

For Metric: choose Traffic

Next, click + Dimension

Set the dimension to Developer App

Click + Dimension again

Now pick what other dimension you want to see further. You might want to look at dimensions like Proxy, Client IP Address, Access Token, etc. I suggest experiment here to decide on what is most useful. You can add more than two dimensions if you want to, which will give you additional levels

Save the report so it will run, you will see a report with a graph and a table showing the results per Developer App, including "(not set)". You can click on a Developer App in the list and that will take you to the breakdown by whatever second dimension you picked.

More info on creating custom reports is available here:

Jump to Solution

Posted on --/--/---- --:-- AM
Not applicable
In response to mschreuder
Reply posted on --/--/---- --:-- AM

@mschreuder I got the IP who is hitting my backend generating the huge traffic as "not set". Your comment helped me a lot.

Can you tell me how can I block that IP and accept all other IPs in my apiproxy config?

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Not applicable
In response to
Reply posted on --/--/---- --:-- AM

Hi @Arun Babu

Please refer to http://apigee.com/docs/api-services/reference/access-control-policy for details on blocking IP addresses.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Not applicable
In response to
Reply posted on --/--/---- --:-- AM

@Rampradeep Krishnamurthy Thanks 🙂

Jump to Solution

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

Hi @Arun Babu

If you apiproxy does not have a valid oauth or api credential validation policies, developer app details for those api calls will not be populated. Can you check if the apiproxy has an oauth or api key related policy?

Jump to Solution
0 Likes