Analytics

paritadesai
Participant II

I want to get count of API proxies per Security pattern ie VerifyAPIKey, OAuth2, JWT Validator using Analytics api.

Any inputs will be of great help

0 20 323
20 REPLIES 20

Not applicable

You need to use statistics collector policy in side proxy specifying the try of security and then after you can generate custom analytics report for that.

Thank you for your response.

But I don't want to check for a given proxy or a security. I am trying to get the security patterns for all the proxies within an organization.

If you can help with an example as how this can be achieved using statistics collector policy or by making any management api call, it will surely help.

Not applicable

You just need to use statistics collector policy in proxy and configure the security type variable. Later using the security type = "xyz" in the custom report you will be able to get the proxy list for using that security type

Can you pls elaborate on how to configure security type variable

<StatisticsCollector name="publishPurchaseDetails">

  <Statistics>    
<Statistic name="security-type" type="string">oauth</Statistic>  
 

</StatisticsCollector>

The above is an example where the security will be set to oauth in analytics in postgres db. Later during token generation you can get all proxies having security as oauth.

Similarly you can set other security types in proxy.

@Priyadarshi Ajitav,

I can kind of added statistics collector policy as above in one of the proxy and i can see the custom dimension "security" coming up in the custom reports. But as m looking for security pattern across api proxies, what metric can i use to get this data

In the dimension you can put proxy and in filter you can put the security as specific type

Thank you for your response. Dimension and Filter i have already added as proxy and security type. My query is regarding the Metric as it's one of the mandatory field for generating custom report

Use traffic as the matric.

Have tried that. It doesn't give data as expected. What am trying to achieve here is ProxyName and corresponding security policy implemented. For eg:- Proxy Name abc - OAuth, Proxy Name def - JWT and so on

You will get the security policy and APIs which use that. Like that in the report.

Yeah..m referring to custom report only. It's not giving that kind of data

What are you getting now?

Am not getting any data. Report is blank. This is what i have configured for Custom report :-

Dimension - Proxy

Filter - security eq OAuthV2 and Metric as Traffic

That could be because of zero traffic

So are you trying to say that the proxy in which i have added statistics collector policy is having zero traffic and thatz why the report is coming blank.

Also, does that mean that if i want to get security pattern for all proxies within an organization then in that case, i have to add the statistics collector policy for all the proxies??

You can use a flowhook instead of adding to each proxy.

Yeah..can use FlowHook. But not sure as how we can retrieve security type from the proxy as that is internal to proxy meaning security policy has been added as one of the policy within the proxy and it has been attached as a step in the PreFlow.

Also how to differentiate between different security types within Flow Hook.

in the shared flow the conditional statistic collector policies can be configured. for example

if Authorization uses a bearer token then it oauth 2.0

if it uses apikey in header then its api key verification

ok..let tme try that out