Security
IMPORTANT: The Fastly Security API is only available to customers with access to the Next-Gen WAF product in the Fastly control panel. If you have access to the Next-Gen WAF control panel, check out the Next-Gen WAF API.
The Security API allows you to manage workspaces, requests, events, redactions, tags, and rules.
Data model
Field | Type | Description
action | string | Value can be 'flagged' (requests will be blocked), 'info' (requests will be logged), or 'template'. Required.
block_signals | array | List of block signals.
country | string | Country code. Required.
created_at | string | Created timestamp in RFC 3339 format. Required.
detected_at | string | Detected timestamp in RFC 3339 format. Required.
expires_at | string | Time at which the event expires. Required.
id | string | Unique ID of the event. Required.
reasons | array | List of signals and their counts. Required.
remote_hostname | string | Remote hostname. Required.
request_count | integer | Total number of requests. Required.
sample_request | object |
source | string | Source information. Required.
user_agents | array | User agents. Required.
window | integer | Time window in seconds where the items were detected. Required.
agent_response_code | integer | Agent response code. Read-only.
method | string | HTTP method. Read-only.
path | string | Request path. Read-only.
protocol | string | HTTP protocol. Read-only.
remote_ip | string | Remote IP address. Read-only.
request_headers | array | Request headers. Read-only.
response_code | integer | HTTP response code. Read-only.
response_headers | array | Response headers. Read-only.
response_size | integer | HTTP response size. Read-only.
response_time | integer | Response time in milliseconds. Read-only.
scheme | string | Request scheme. Read-only.
server_hostname | string | Server hostname. Read-only.
server_name | string | Server name. Read-only.
signals | array | List of signals. Read-only.
tls_cipher | string | TLS cipher. Read-only.
tls_protocol | string | TLS protocol. Read-only.
uri | string | Request URI. Read-only.
user_agent | string | User agent. Read-only.
attack_signal_thresholds | object | Attack threshold parameters for system site alerts. Each threshold value is the number of attack signals per IP address that must be detected during the interval before the related IP address is flagged.
description | string | User-submitted description of a workspace.
ip_anonymization | string | Agents will anonymize IP addresses according to the option selected.
mode | string | User-configured mode of a workspace.
name | string | User-submitted display name of a workspace.
field | string | The name of the field that should be redacted.
type | string | The type of field that is being redacted. Required.
actions | array |
conditions | array |
enabled | boolean | Turns a rule on and off. Defaults to false (off).
group_operator | string | Conditions that must be matched when evaluating the request.
request_logging | string | Available only for request rules. Indicates whether to store the logs for requests that match the rule's conditions (sampled) or not store them (none).
signal | string | The signal name being excluded if rule type is signal and action is 'exclude_signal'.
updated_at | string | Date the rule was last updated.
errors | array |
is_expired | boolean | If it is true, the event should be set to expired. Required.
value | string | Header value.
limit | integer | The limit value used when making the request.
total | integer | The count of requests matching the filter.
detector | string | Detector that detected the signal. Read-only.
location | string | Where the signal was detected. Read-only.
operator | string | Indicates whether the supplied conditions will check for existence or non-existence of matching field values. Refer to: https://docs.fastly.com/en/ngwaf/defining-rule-conditions#operators.