-
Notifications
You must be signed in to change notification settings - Fork 630
MHN REST APIs
Jason Trost edited this page Apr 13, 2015
·
3 revisions
Here are some example endpoints that can be queried in MHN. Replaced the X'ed out api_key
with your API key found on the Settings page of your MHN server.
More documentation to follow.
Show the top attacker IPs from the past 4 hours
/api/top_attackers/?api_key=XXXXXXXXXX&hours_ago=4
Return normalized sessions/connection data. Most of the fields returned in the records can be used as parameters for search.
/api/session/?api_key=XXXXXXXXXX&limit=10
/api/session/?api_key=XXXXXXXXXX&limit=10&honeypot=conpot
/api/session/?api_key=XXXXXXXXXX&limit=100&hours_ago=1&honeypot=conpot
Return the raw hpfeeds data collected over the shockpot.events channel.
/api/feed/?api_key=XXXXXXXXXX&channel=shockpot.events&hours_ago=1
Return the metadata associated with the IP (mainly from p0f today).
/api/metadata/?api_key=XXXXXXXXXX&ip=8.8.8.8
Return some stats on IPs who have "attacked" your honeypots
/api/attacker_stats/8.8.8.8/?api_key=XXXXXXXXXX