So here is the situation. I have an API Proxy which shows nearly 50k API calls daily in the preview. But my sum of API calls from total developer apps is less than 15k. So is there an security issue in the API? The Key parameter is provided, so one without knowing that cannot access the APIs. Then why the difference in API calls.
Solved! Go to Solution.
@Arun Babu Here's a quick guide to setting up a custom report that might help you drill down further.
On the top menu of Apigee Enterprise click Analytics and then Reports
Next click the + Custom Report button
Give your new custom report a name, make your choice of bar or line (data is same, just changes how it is shown)
For Metric: choose Traffic
Next, click + Dimension
Set the dimension to Developer App
Click + Dimension again
Now pick what other dimension you want to see further. You might want to look at dimensions like Proxy, Client IP Address, Access Token, etc. I suggest experiment here to decide on what is most useful. You can add more than two dimensions if you want to, which will give you additional levels
Save the report so it will run, you will see a report with a graph and a table showing the results per Developer App, including "(not set)". You can click on a Developer App in the list and that will take you to the breakdown by whatever second dimension you picked.
More info on creating custom reports is available here:
Hi Arun,
Can you specify your org and env name so that I can take a look ? I have enabled "viewable by moderators and original poster" in this comment. While answering please use the same.
Thanks,
Sanjoy
Hi @Sanjoy Bose
My org is "datayuge" and env is "prod" . Please help me to sort out the issue ASAP.
Hi @Arun Babu
One thing to check is whether there is traffic for a "not set" developer app. If that is the case, you should see it on the Developer Apps dashboard:
https://enterprise.apigee.com/platform/#/{orgname}/apps-analytics
Below is an example:
This page provides a bit more detail for reasons why you might get "not set". You can also use custom reports to drill down further into where the traffic is coming from and what APIs it is hitting.
Hi @mschreuder
It seems like that's the wired reason am getting the above mismatch in API traffic. So where can I get the details of this "(not set)" API hits? Can I find the originating IP and block that? Am attaching a screenshot of the same. Kindly help me to sort out this issue.
@Arun Babu Here's a quick guide to setting up a custom report that might help you drill down further.
On the top menu of Apigee Enterprise click Analytics and then Reports
Next click the + Custom Report button
Give your new custom report a name, make your choice of bar or line (data is same, just changes how it is shown)
For Metric: choose Traffic
Next, click + Dimension
Set the dimension to Developer App
Click + Dimension again
Now pick what other dimension you want to see further. You might want to look at dimensions like Proxy, Client IP Address, Access Token, etc. I suggest experiment here to decide on what is most useful. You can add more than two dimensions if you want to, which will give you additional levels
Save the report so it will run, you will see a report with a graph and a table showing the results per Developer App, including "(not set)". You can click on a Developer App in the list and that will take you to the breakdown by whatever second dimension you picked.
More info on creating custom reports is available here:
@mschreuder I got the IP who is hitting my backend generating the huge traffic as "not set". Your comment helped me a lot.
Can you tell me how can I block that IP and accept all other IPs in my apiproxy config?
Hi @Arun Babu
Please refer to http://apigee.com/docs/api-services/reference/access-control-policy for details on blocking IP addresses.
@Rampradeep Krishnamurthy Thanks 🙂
Hi @Arun Babu
If you apiproxy does not have a valid oauth or api credential validation policies, developer app details for those api calls will not be populated. Can you check if the apiproxy has an oauth or api key related policy?
User | Count |
---|---|
3 | |
2 | |
1 | |
1 | |
1 |