The following shows how to generate the security-analytics-aap-traffic-by-time report using either the Reporting API's Generate a report POST operation or the Get a cacheable report GET operation. Details about each report's supported products, metrics, filters, and available data intervals are also available dynamically by running the API's Get a report type operation, also shown below. See also other available reports.
Report definition
This report shows the number of detected denial-of-service (DoS) attacks, web application firewall (WAF) attacks, and bot attacks.
Business object: accountId
Data available for: 90 days
Available metrics
| Metric | Description |
|---|---|
| Data metrics | |
hitsPerSec | Number of attacks detected per second. |
| Summary metrics | |
avgHitsPerSec | Average number of attacks detected per second. |
minHitsPerSec | Minimum number of attacks detected per second. |
peakHitsPerSec | Maximum (peak) number of hits detected per second. |
Available filters
| Filter | Type | Description |
|---|---|---|
| Optional filters | ||
configId | String | Uniquely identifies the security configuration. |
hostname | String | Hostname associated with your security configuration. |
trafficType | String | Specifies the type of traffic you’re reporting on (for example, DOS, AppProtection, Custom or BOT). |
POST request
POST /reporting-api/v1/reports/security-analytics-aap-traffic-by-time/versions/1/report-data{?start,end}
Sample: /reporting-api/v1/reports/security-analytics-aap-traffic-by-time/versions/1/report-data?start=2026-02-01T00%3A00%3A00Z&end=2026-03-01T00%3A00%3A00Z
Query parameters
| Parameter | Type | Sample | Description |
|---|---|---|---|
| Required | |||
start | String | 2026-02-01T00:00:00Z | Specifies the start of the reported period as an ISO-8601 timestamp with optional time zone. The report includes data that matches the start value’s timestamp. |
end | String | 2026-03-01T00:00:00Z | Specifies the end of the reported period as an ISO-8601 timestamp with optional time zone. The report excludes any data that matches the end value’s timestamp. |
JSON request members
| Member | Type | Description |
|---|---|---|
objectIds | Array | Specifies the set of accountId values you want to report on. |
objectIds | Enumeration | As an alternative to an array of ID values, specify all as a string for unfiltered data. Either way, objectIds is required. |
metrics | Array | The set of desired metrics. If omitted, the report includes all available metrics. |
filters | Map of Arrays | Specifies a set of custom filters, with each filter's name keying an array with each filter's set of values. |
Request body:
{
"objectIds": [
"1111",
"1122",
"2222",
"2233",
"2343"
],
"metrics": [
"avgHitsPerSec",
"hitsPerSec",
"minHitsPerSec",
"peakHitsPerSec"
],
"filters": {
"configId": [
"1122",
"2233",
"2222",
"2233",
"2343"
],
"hostname": [
"www.example.com",
"m.example.com"
],
"trafficType": [
"AppProtection",
"Custom"
]
]
}
}GET request
GET /reporting-api/v1/reports/security-analytics-aap-traffic-by-time/versions/1/report-data{?start,end,objectIds,allObjectIds,metrics,filters}
Sample: /reporting-api/v1/reports/security-analytics-aap-traffic-by-time/versions/1/report-data?start=2026-02-01T00%3A00%3A00Z&end=2026-03-01T00%3A00%3A00Z&objectIds=1111,1122,2222,2233,2343&metrics=avgHitsPerSec%2ChitsPerSec&filters=configId%3D1111%2CconfigId%3D2222%2C
Query parameters
| Parameter | Type | Sample | Description |
|---|---|---|---|
| Required | |||
start | String | 2026-02-01T00:00:00Z | Specifies the start of the reported period as an ISO-8601 timestamp with optional time zone. The report includes data that matches the start value’s timestamp. |
end | String | 2026-03-01T00:00:00Z | Specifies the end of the reported period as an ISO-8601 timestamp with optional time zone. The report excludes any data that matches the end value’s timestamp. |
| Optional | |||
allObjectIds | Boolean | true | As an alternative to objectIds, enabling this generates a report that includes all IDs available for the accountId objectType. This parameter is ignored if the request also specifies a set of objectIds. |
objectIds | String | 1111,1122,2222,2233,2343 | As an alternative to allObjectIds, specifies the set of unique IDs for the accountId objectType you want to report on, formatted as a comma-delimited list. |
metrics | String | avgHitsPerSec,hitsPerSec | Specifies a comma-separated list of metrics to include in the report, otherwise all metrics if omitted. The set of available metrics depends on the type of report. URL-encode the entire value in the GET request. |
filters | String | configId=1111,configId=2222,hostname=www.example.com,hostname=blog.example.com | Specifies criteria to filter the report’s data. The set of available filters depends on the type of report. Separate each filter name and value with an equals (=) character, and separate various name/value pairs with commas (,). To specify more than one filter value, repeat the filter name. See the accompanying example for guidance. URL-encode the entire value in the GET request. |
JSON response
Status 200 application/json
Response body:
{
"metadata": {
"name": "security-analytics-aap-traffic-by-time",
"version": "1",
"outputType": "FLAT",
"groupBy": [
"timestamp"
],
"start": "2026-02-01T00:00:00Z",
"end": "2026-03-01T00:00:00Z",
"availableDataEnds": null,
"suggestedRetryTime": null,
"rowCount": 4,
"filters": [
{
"name": "configId",
"values": [
"1111",
"2222"
]
},
{
"name": "hostname",
"values": [
"www.example.com",
"blog.example.com"
]
},
{
"name": "trafficType",
"values": [
"DOS",
"BOT"
]
}
],
"columns": [
{
"name": "groupBy",
"label": "timestamp"
},
{
"name": "hitsPerSec",
"label": "Hits Per Second Traffic"
}
],
"objectType": "accountId",
"objectIds": [
"1111",
"1122",
"2222",
"2233",
"2343"
]
},
"data": [
{
"timestamp": "2019-05-01T00:00:05Z",
"hitsPerSec": "2651"
},
{
"timestamp": "2019-05-01T00:00:25Z",
"hitsPerSec": "3342"
},
{
"timestamp": "2019-05-01T00:00:30Z",
"hitsPerSec": "3806"
},
{
"timestamp": "2019-05-01T00:00:15Z",
"hitsPerSec": "938"
}
],
"summaryStatistics": {
"avgHitsPerSec": {
"value": "20",
"details": {}
},
"minHitsPerSec": {
"value": "900",
"details": {}
},
"peakHitsPerSec": {
"value": "1607",
"details": {}
}
}
}Get report details
This sample Get a report type operation gets the same information you need to run the security-analytics-aap-traffic-by-time report as provided in this reference documentation, but available dynamically to your API client application.
GET /reporting-api/v1/reports/security-analytics-aap-traffic-by-time/versions/1
Status 200 application/json
Response body:
{
"name": "security-analytics-aap-traffic-by-time",
"description": "This report shows the number of detected denial-of-service (DoS) attacks, web application firewall (WAF) attacks, and bot attacks.",
"businessObjectName": "accountId",
"version": 1,
"status": "PUBLISHED",
"deprecated": false,
"timeBased": false,
"supportsPagination": false,
"outputType": "FLAT",
"available": true,
"metrics": [
{
"name": "hitsPerSec",
"description": " Number of attacks detected per second.",
"label": "Hits Per Second Traffic",
"unit": "COUNT",
"summaryStatistic": false
},
{
"name": "avgHitsPerSec",
"description": "Average number of attacks detected per second.",
"label": "Average Hits Per Second",
"unit": "COUNT",
"summaryStatistic": true
},
{
"name": "peakHitsPerSec",
"description": "Maximum (peak) number of hits detected per second.",
"label": "Peak Hits Per Second",
"unit": "COUNT",
"summaryStatistic": true
},
{
"name": "minHitsPerSec",
"description": "Minimum number of attacks detected per second.",
"label": "Min Hits Per Second",
"unit": "COUNT",
"summaryStatistic": true
}
],
"groupOutlyingValues": {
"enabled": false
},
"groupBy": [
"timestamp"
],
"filters": [
{
"name": "hostname",
"type": "string",
"description": "Hostname associated with your security configuration.",
"required": false
},
{
"name": "trafficType",
"type": "string",
"description": "Specifies the type of traffic you’re reporting on (for example, DOS, AppProtection, Custom or BOT).",
"required": false
},
{
"name": "configId",
"type": "string",
"description": "Uniquely identifies the security configuration.",
"required": false
}
],
"intervals": [
"FIVE_MINUTES"
],
"dataRetentionDays": 90,
"links": [
{
"rel": "self",
"href": "/reporting-api/v1/reports/security-analytics-aap-traffic-by-time/versions/1"
},
{
"rel": "versions",
"href": "/reporting-api/v1/reports/security-analytics-aap-traffic-by-time/versions"
},
{
"rel": "all-reports",
"href": "/reporting-api/v1/reports"
},
{
"rel": "execute-report",
"href": "/reporting-api/v1/reports/security-analytics-aap-traffic-by-time/versions/1/report-data"
}
]
}