📦 Endpoint da API
/api/trafstat
http://[ip]:[port]/api/trafstat
This endpoint returns aggregated network traffic information based on ASN and IP addresses, allowing filtering of data by flow count, ASN, and other details.
Parameter Descriptions:
timestart: Defines the start of the time range (timestamp). If not provided, it uses thecollection_intervalsubtracted from the current time.timestop: Defines the end of the time range (timestamp). If not provided, it uses the current time.fil: Filter to be applied to the data. In this example, it can be a specific ASN or an IP (e.g.,fil=ip 1.1.1.1).lines: Number of lines to return.aggregation: Data aggregation method, such assrcas(aggregation by source ASN).order: Defines the sorting of data based on a selected field (e.g.,bytes).direction: Traffic direction (srcordst).ignoreasn: Indicates whether to ignore the ASN (y/nas per the ignore-asn.json file).source: Defines the source of the data.
Example URL 1
http://[ip]:[port]/api/trafstat?timestart=1726788385914×top=1726788625914&fil=any&lines=1&aggregation=srcas&order=bytes&direction=src&ignoreasn=y&source=Borda
Example URL 2
http://[ip]:[port]/api/trafstat?fil=ip%201.1.1.1&lines=1&aggregation=srcas&order=bytes&direction=src&ignoreasn=y&source=Borda
Output
[
{
"ASN": {
"def": {
"number": "0",
"organization": "Private"
},
"dst": {
"number": 0,
"organization": "Private"
},
"src": {
"number": 13335,
"organization": "CLOUDFLARENET, US"
}
},
"City": {
"def": "",
"dst": "",
"src": ""
},
"Continent Name": {
"def": "",
"dst": "",
"src": ""
},
"Country Name": {
"def": "",
"dst": "",
"src": ""
},
"ISO Code": {
"def": "",
"dst": "",
"src": ""
},
"Latitude": {
"def": "",
"dst": "",
"src": ""
},
"Longitude": {
"def": "",
"dst": "",
"src": ""
},
"UF": {
"def": "",
"dst": "",
"src": ""
},
"aggr_flows": 2,
"asn_def": 13335,
"asn_def_name": "CLOUDFLARENET, US",
"asn_dst": 0,
"asn_src": 13335,
"bgp_next_hop": "0.0.0.0",
"bpp": 214,
"bps": 58436,
"bps_med": 58436,
"bytes": 438272,
"def_addr": "0.0.0.0",
"dst_addr": "0.0.0.0",
"dst_addr_nat": "",
"dst_net_mask": "/0",
"dst_port": 0,
"dst_port_nat": "",
"first": 1726792800,
"input_snmp": 0,
"input_snmp_desc": null,
"input_snmp_name": null,
"ip_next_hop": "0.0.0.0",
"label": "<none>",
"last": 1726792860,
"mac_dst_in": "",
"mac_dst_out": "",
"mac_src_in": "",
"mac_src_out": "",
"output_snmp": 0,
"output_snmp_desc": null,
"output_snmp_name": null,
"packets": 2048,
"proto": "Any",
"src_addr": "0.0.0.0",
"src_addr_nat": "",
"src_net_mask": "/0",
"src_port": 0,
"src_port_nat": "",
"tcp_flags": "........",
"tos": 0
}
]
Field Descriptions
ASN: Information about the involved ASNs.def: Default ASN.dst: Destination ASN.src: Source ASN, in this example, Google (15169) or Cloudflare (13335).aggr_flows: Total number of aggregated flows.bpp: Bytes per packet.bps: Bits per second.bps_med: Bits per second (based on the selected interval).bytes: Total bytes transferred.packets: Total number of packets.proto: Protocol (e.g., TCP, UDP, etc.).src_addr: Source address (anonymized as0.0.0.0).dst_addr: Destination address (anonymized as0.0.0.0).
/api/favpie
http://[ip]:[port]/api/favpie
This endpoint returns aggregated network traffic information contained in the fav-asn-prefix-graphs.json file.
Parameter Descriptions:
timestart: Defines the start of the time range (timestamp). If not provided, uses thecollection_intervalvalue subtracted from the current time.timestop: Defines the end of the time range (timestamp). If not provided, uses the current time.fil: Filter to be applied to the data.lines: Defines the number of lines to return.aggregation: Data aggregation method.order: Defines the sorting of data based on a selected field.direction: Traffic direction (srcordst).ignoreasn: Defines whether ASN data should be ignored or not (see ignore-asn.json).source: Defines the data source.
The JSON response contains network traffic information grouped by companies or services, including the number of bytes and bits per second (bps). Below are three example outputs.
Example URL 1
http://[ip]:[port]/api/favpie?timestart=1726788385914×top=1726788625914&fil=any&lines=1&aggregation=nextas&order=bytes&direction=src&ignoreasn=n&source=Borda
Output
[
{
"bps": 2356627,
"bytes": 26217472,
"name_info": "Garena"
},
{
"bps": 2991787,
"bytes": 26926080,
"name_info": "Microsoft"
},
{
"bps": 5970243,
"bytes": 28358656,
"name_info": "Netflix"
},
{
"bps": 8984600,
"bytes": 95461376,
"name_info": "Apple"
}
]
Example URL 2
http://[ip]:[port]/api/favpie?fil=any&lines=1&aggregation=nextas&order=bytes&direction=src&ignoreasn=n&source=Borda
Output
[
{
"bps": 122115,
"bytes": 3434496,
"name_info": "Level3"
},
{
"bps": 1734763,
"bytes": 62234624,
"name_info": "Valve Corp."
},
{
"bps": 1960401,
"bytes": 83072000,
"name_info": "Garena"
},
{
"bps": 3781231,
"bytes": 118163456,
"name_info": "Netflix"
},
]
Example URL 3
http://[ip]:[port]/api/favpie?fil=as 15169&lines=1&aggregation=nextas&order=bytes&direction=src&ignoreasn=n&source=Borda
Saída
[
{
"bps": 255097900,
"bytes": 3730806784,
"name_info": "Google"
}
]
Field Descriptions
bps: Bits per second rate (bps).bytes: Total number of bytes transferred.name_info: Name of the company or service associated with the traffic (e.g., “Google”, “Netflix”, “Akamai”).
/api/traffile
http://[ip]:[port]/api/traffile
This endpoint returns network traffic information based on flow files, allowing filtering by ASN, IP address, country, among others. Below are example API calls, their JSON outputs, and parameter explanations.
Parameter Descriptions:
timestart: Defines the start of the time range (timestamp). If not provided, uses thecollection_intervalvalue subtracted from the current time.timestop: Defines the end of the time range (timestamp). If not provided, uses the current time.fil: Filter to be applied to the data.aggregation: Data aggregation method.order: Defines the sorting of data based on the selected field.source: Defines the data source.
Example URL 1
http://[ip]:[port]/api/traffile?timestart=1726788385914×top=1726788625914&fil=dst ip 8.8.8.8&aggregation=router&order=bytes&source=Borda
Example URL 2
http://[ip]:[port]/api/traffile?fil=any&aggregation=router&order=bytes&source=Borda
The JSON response contains detailed information about network traffic. Below are two example outputs, one with general data and another filtered by IP address.
[
{
"ASN": {
"def": {
"number": "0",
"organization": "Private"
},
"dst": {
"number": 0,
"organization": "Private"
},
"src": {
"number": 0,
"organization": "Private"
}
},
"City": {
"def": "",
"dst": "",
"src": ""
},
"Continent Name": {
"def": "",
"dst": "",
"src": ""
},
"Country Name": {
"def": "",
"dst": "",
"src": ""
},
"ISO Code": {
"def": "",
"dst": "",
"src": ""
},
"Latitude": {
"def": "",
"dst": "",
"src": ""
},
"Longitude": {
"def": "",
"dst": "",
"src": ""
},
"UF": {
"def": "",
"dst": "",
"src": ""
},
"aggr_flows": 24,
"asn_def": 0,
"asn_def_name": null,
"asn_dst": 0,
"asn_src": 0,
"bgp_next_hop": "0.0.0.0",
"bpp": 100,
"bps": 330820,
"bytes": 2481152,
"def_addr": "0.0.0.0",
"dst_addr": "0.0.0.0",
"dst_addr_nat": "",
"dst_net_mask": "/0",
"dst_port": 0,
"dst_port_nat": "",
"first": 1726788300,
"input_snmp": 0,
"input_snmp_desc": null,
"input_snmp_name": null,
"ip_next_hop": "0.0.0.0",
"label": "<none>",
"last": 1726788360,
"mac_dst_in": "",
"mac_dst_out": "",
"mac_src_in": "",
"mac_src_out": "",
"output_snmp": 0,
"output_snmp_desc": null,
"output_snmp_name": null,
"packets": 24576,
"proto": "Any",
"src_addr": "0.0.0.0",
"src_addr_nat": "",
"src_net_mask": "/0",
"src_port": 0,
"src_port_nat": "",
"tcp_flags": "........",
"tos": 0
}
]
Field Descriptions
ASN: Information about the involved ASNs.def: Default ASN.dst: Destination ASN.src: Source ASN.City: City information (empty if not available).Continent Name: Continent name (empty if not available).Country Name: Country name (empty if not available).ISO Code: Country ISO code (empty if not available).Latitude: Latitude of the location (empty if not available).Longitude: Longitude of the location (empty if not available).UF: Federal Unit (state) (empty if not available).aggr_flows: Total number of aggregated flows.bpp: Bytes per packet.bps: Bits per second.bytes: Total bytes.packets: Total number of packets.proto: Protocol (e.g., TCP, UDP, etc.).src_addr: Source address (may be anonymized as0.0.0.0).dst_addr: Destination address (may be anonymized as0.0.0.0).
/api/trafinterface
http://[ip]:[port]/api/trafinterface
This endpoint returns network traffic information based on network interfaces. It offers parameters to filter data by interface, number of lines, and traffic direction.
Parameter Descriptions:
timestart: Defines the start of the time range (timestamp). If not provided, uses thecollection_intervalvalue subtracted from the current time.timestop: Defines the end of the time range (timestamp). If not provided, uses the current time.fil: Filter to be applied to the data.lines: Number of lines to return.min: Minimum value for inclusion in the result.direction: Traffic direction, can besrc(source) ordst(destination).source: Defines the data source.
Examples
Example URL 1
http://[ip]:[port]/api/trafinterface?fil=any&lines=5&min=0&direction=src&source=Borda
Example URL 2
http://[ip]:[port]/api/trafinterface?timestart=1726788385914×top=1726788625914&fil=any&lines=5&min=0&direction=src&source=Borda
The JSON response contains information about network traffic on different interfaces. Below are two example outputs, one with a single timestamp and another with multiple time intervals.
Single Time Interval
[
{
"interface": "40GE0/1/49.2114 (ISP_IPV4)",
"datatime": [
1726789440
],
"bps": [
9614664226
]
},
{
"interface": "40GE0/1/49.2115 (ISP_IPV6)",
"datatime": [
1726789440
],
"bps": [
668149760
]
}
]
Multiple Time Intervals
[
{
"interface": "40GE0/1/49.2114 (ISP_IPV4)",
"datatime": [
1726788300,
1726788360,
1726788420,
1726788480,
1726788540
],
"bps": [
9421421636,
8984884156,
8960525244,
9507422345,
9446268245
]
},
{
"interface": "40GE0/1/49.2115 (ISP_IPV6)",
"datatime": [
1726788300,
1726788360,
1726788420,
1726788480,
1726788540
],
"bps": [
645386923,
516382993,
588439142,
575840393,
609231804
]
}
]
Field Descriptions
interface: Name of the network interface and its identifier.datatime: List of timestamps representing the time of each measurement in seconds.bps: List of bits per second (bps) values measured during the different time intervals.
Each object in the array contains aggregated data for a network interface, with its respective traffic values in bits per second (bps) and the corresponding times (datatime).
/api/trafasn
http://[ip]:[port]/api/trafasn
This endpoint returns network traffic information based on Autonomous Systems (ASN). It provides parameters to filter data by number of lines/results, aggregation, and other network traffic relevant options.
Parameter Descriptions:
timestart: Defines the start of the time range (timestamp). If not provided, uses thecollection_intervalvalue subtracted from the current time.timestop: Defines the end of the time range (timestamp). If not provided, uses the current time.fil: Filter to be applied to the data.lines: Number of lines/results to return.min: Minimum value for inclusion in the result.ignoreasn: Indicates whether to ignore the ASN or not (see ignore-asn.json file).source: Defines the data source.
Examples
Example URL 1
http://[ip]:[port]/api/trafasn?timestart=1726788385914×top=1726788625914&fil=any&lines=5&min=0&ignoreasn=n&source=Borda
Example URL 2
http://[ip]:[port]/api/trafasn?fil=any&lines=5&min=0&ignoreasn=n&source=Borda
The JSON response contains information about network traffic for different ASNs (Autonomous Systems). Below are two example outputs, one with multiple time intervals and another with a single interval.
Multiple Time Intervals
[
{
"asn": "15169 - GOOGLE",
"bps": [
612436787,
554084625,
587778185,
602698001
],
"datatime": [
1726788300,
1726788360,
1726788420,
1726788480
]
},
{
"asn": "396986 - BYTEDANCE",
"bps": [
440557978,
401984034,
439798579,
406524587
],
"datatime": [
1726788300,
1726788360,
1726788420,
1726788480
]
}
]
Single Time Interval
[
{
"asn": "15169 - GOOGLE",
"bps": [
568579140
],
"datatime": [
1726788540
]
},
{
"asn": "396986 - BYTEDANCE",
"bps": [
434271983
],
"datatime": [
1726788540
]
}
]
Field Descriptions
asn: Autonomous System Number (ASN) and its associated name.bps: List of bits per second (bps) values measured during different time intervals.datatime: List of timestamps representing the time of each measurement in seconds.
Each object in the array contains aggregated data of an ASN, with its respective traffic values in bits per second (bps) and the corresponding times (datatime).
/api/trafsubnet
http://[ip]:[port]/api/trafsubnet
This endpoint returns network traffic information based on subnet prefixes. It offers parameters to filter data by prefix, subnet mask, and aggregation options. Below are example API calls, their JSON outputs, and parameter explanations.
Parameter Descriptions:
timestart: Defines the start of the time range (timestamp). If not provided, uses thecollection_intervalvalue subtracted from the current time.timestop: Defines the end of the time range (timestamp). If not provided, uses the current time.fil: Filter to be applied to the data.prefix: Network prefix in CIDR format.mask: Subnet mask for division.aggregation: Data aggregation method.order: Defines the sorting order of data based on the selected field.direction: Traffic direction, can bein(incoming) orout(outgoing).source: Defines the data source.
Examples
Example URL 1
http://[ip]:[port]/api/trafsubnet?timestart=1726785443664×top=1726787243664&fil=any&prefix=10.0.68.0/22&mask=24&aggregation=router&order=bytes&direction=in&source=Borda
The JSON response from this endpoint contains information about CIDRs divided by mask. Below are example JSON outputs for both IPv4 and IPv6.
Example URL 2
http://[ip]:[port]/api/trafsubnet?fil=any&prefix=10.0.68.0/22&mask=24&aggregation=router&order=bytes&direction=in&source=Borda
Output IPv4
{
"prefixos": [
{
"sequencial": 1,
"prefixo": "10.0.68.0/24",
"in_packets": 24623104,
"in_bytes": 23884635136,
"aggr_flows": 10040
},
{
"sequencial": 2,
"prefixo": "10.0.69.0/24",
"in_packets": 1844224,
"in_bytes": 1973950464,
"aggr_flows": 609
},
{
"sequencial": 3,
"prefixo": "10.0.70.0/24",
"in_packets": 2002944,
"in_bytes": 1551982592,
"aggr_flows": 1058
},
{
"sequencial": 4,
"prefixo": "10.0.71.0/24",
"in_packets": 1803264,
"in_bytes": 1824263168,
"aggr_flows": 672
}
]
}
Example URL 3
http://[ip]:[port]/api/trafsubnet?fil=any&prefix=2001:db8::/32&mask=34&aggregation=router&order=bytes&direction=in&source=Borda
Saída para IPv6
{
"prefixos": [
{
"sequencial": 1,
"prefixo": "2001:db8::/34",
"in_packets": 11264,
"in_bytes": 843776,
"aggr_flows": 11
},
{
"sequencial": 2,
"prefixo": "2001:db8:4000::/34",
"in_packets": 0,
"in_bytes": 0,
"aggr_flows": 0
},
{
"sequencial": 3,
"prefixo": "2001:db8:8000::/34",
"in_packets": 4832256,
"in_bytes": 5288214528,
"aggr_flows": 1254
},
{
"sequencial": 4,
"prefixo": "2001:db8:c000::/34",
"in_packets": 0,
"in_bytes": 0,
"aggr_flows": 0
}
]
}
/api/trafnet8
http://[ip]:[port]/api/trafnet8
This endpoint returns traffic information for the entire IPv4 network (0.0.0.0/0) segmented into /8 prefixes.
Parameter Descriptions:
timestart: Defines the start of the time range (timestamp). If not provided, uses thecollection_intervalvalue subtracted from the current time.timestop: Defines the end of the time range (timestamp). If not provided, uses the current time.fil: Filter to be applied to the data.net8start: Start of the /8 prefix range.net8stop: End of the /8 prefix range.aggregation: Data aggregation method.order: Defines the sorting order of data based on the selected field.direction: Traffic direction, can bein(incoming) orout(outgoing).source: Defines the data source.
Examples
Example URL 1
http://[ip]:[port]/api/trafnet8?timestart=1726785443664×top=1726787243664&fil=any&net8start=186&net8stop=187&aggregation=router&order=bytes&direction=in&source=Borda
Example URL 2
http://[ip]:[port]/api/trafnet8?fil=any&net8start=180&net8stop=188&aggregation=router&order=bytes&direction=in&source=Borda
The JSON response from both endpoints will be similar, containing aggregated network traffic information for the specified prefixes. Below is an example response:
{
"prefixos": [
{
"sequencial": 186,
"prefixo": "186.0.0.0/8",
"in_packets": 1222082560,
"in_bytes": 1186731710464,
"aggr_flows": 469254
},
{
"sequencial": 187,
"prefixo": "187.0.0.0/8",
"in_packets": 69889024,
"in_bytes": 71390141440,
"aggr_flows": 19808
}
]
}
/api/trafprefix
http://[ip]:[port]/api/trafprefix
This endpoint returns detailed network traffic information grouped by prefix, including data such as number of packets, bytes transferred, bits per second (bps), bytes per packet (bpp), number of flows, as well as geographic and ASN information associated with each prefix.
Parameter Descriptions:
timestart: Defines the start of the time range (Unix timestamp). If not provided, uses the value of collection_interval subtracted from the current time.timestop: Defines the end of the time range (Unix timestamp). If not provided, uses the current time.fil: Filter to be applied to the data. For example, it can be a specific IP address (fil=ip 1.1.1.1) or any other supported filter.lines: Number of lines to return.order: Defines the sorting of data based on a selected field (e.g.,bytes).direction: Traffic direction (srcfor source ordstfor destination).family: Defines the IP address family to consider (4for IPv4 or6for IPv6). Default is4.mask: Defines the network mask to apply to prefixes. Default is24for IPv4 and34for IPv6.source: Defines the data source.
Example URL:
http://[ip]:[port]/api/trafprefix?timestart=1726788385×top=1726788625&fil=any&lines=10&order=bytes&direction=src&family=4&mask=24&source=Borda
Output:
[
{
"datatime": 1743036000,
"prefix": "255.0.0.0/24",
"asn_number": "AS65530",
"asn_name": "Remontti Telecom",
"reverse_dns": "255-0-0-0.remontti.com.br",
"latitude": -27.0000,
"longitude": -53.0000,
"in_packets": 15875072,
"in_bytes": 19680200704,
"bps": 1345654748,
"bpp": 1239,
"flows": 5000
},
{
"datatime": 1743036000,
"prefix": "255.0.1.0/24",
"asn_number": "AS65530",
"asn_name": "Remontti Telecom",
"reverse_dns": "255-0-1-0.remontti.com.br",
"latitude": -27.0000,
"longitude": -53.0000,
"in_packets": 3195904,
"in_bytes": 3968345088,
"bps": 283453220,
"bpp": 1241,
"flows": 739
}
]
Output Field Descriptions:
datatime: Unix timestamp representing the time of data collection.prefix: Network prefix in CIDR format.asn_number: Autonomous System Number (ASN) associated with the prefix.asn_name: Name of the organization corresponding to the ASN.reverse_dns: Reverse DNS name associated with the prefix.latitude: Geographic latitude associated with the prefix.longitude: Geographic longitude associated with the prefix.in_packets: Number of incoming packets.in_bytes: Number of incoming bytes.bps: Bits per second rate.bpp: Bytes per packet.flows: Number of observed flows.
This endpoint is useful for detailed network traffic analysis, allowing identification of patterns, traffic origins and destinations, as well as geographic and organizational information associated with the observed prefixes.
/api/hardware
http://[ip]:[port]/api/hardware
This endpoint returns detailed information about the system hardware, including CPU, disk, memory, and operating system data. Below is an explanation of each field in the JSON output:
Field Descriptions
cpu
cpu_count: Total number of CPU cores (in this example, 12 cores).cpu_freq: Current CPU frequency in MHz (here, 2298 MHz).cpu_percent_per_core: List of percentage usage per CPU core. Each index corresponds to a core (all 0.0% usage in this example).cpu_percent_total: Total CPU usage percentage (0.0% at the time of the request).
disk
disk_partitions: List of disk partitions.device: Disk device (here,/dev/sda1).fstype: Filesystem type used (here,ext4).mountpoint: Mount point of the partition (here,/).disk_usage: Disk usage information.free: Free disk space in bytes.percent: Percentage of disk space used.total: Total disk size in bytes.used: Used disk space in bytes.
memory
available: Available memory in bytes.percent: Percentage of memory used.total: Total system memory in bytes.used: Used memory in bytes.
system
kernel_version: Operating system kernel version.motherboard: Motherboard information (not available in this example).os_release: Operating system distribution information.BUG_REPORT_URL: URL for reporting bugs.HOME_URL: Main URL of the OS.ID: Distribution identifier.NAME: Distribution name.PRETTY_NAME: More descriptive OS version name.SUPPORT_URL: Support URL.VERSION: OS version.VERSION_CODENAME: Version codename.VERSION_ID: Version identifier.tools_versions: Versions of key network utilities:nfcapd,nfdump,sfcapd: All with version “1.7.4-release”.uptime: System continuous uptime (in this example, 2 days and 4 hours).
http://[ip]:[port]/api/hardware
{
"cpu": {
"cpu_count": 12,
"cpu_freq": 2298,
"cpu_percent_per_core": [
0.0,
0.0,
0.0,
0.0,
0.0,
0.0,
0.0,
0.0,
0.0,
0.0,
0.0,
0.0
],
"cpu_percent_total": 0.0
},
"disk": {
"disk_partitions": [
{
"device": "/dev/sda1",
"fstype": "ext4",
"mountpoint": "/"
}
],
"disk_usage": {
"free": 28065935360,
"percent": 9.3,
"total": 32626225152,
"used": 2876801024
}
},
"memory": {
"available": 7792734208,
"percent": 6.4,
"total": 8324440064,
"used": 294854656
},
"system": {
"kernel_version": "6.1.0-25-amd64",
"motherboard": "N/A",
"os_release": {
"BUG_REPORT_URL": "https://bugs.debian.org/",
"HOME_URL": "https://www.debian.org/",
"ID": "debian",
"NAME": "Debian GNU/Linux",
"PRETTY_NAME": "Debian GNU/Linux 12 (bookworm)",
"SUPPORT_URL": "https://www.debian.org/support",
"VERSION": "12 (bookworm)",
"VERSION_CODENAME": "bookworm",
"VERSION_ID": "12"
},
"tools_versions": {
"nfcapd": "1.7.4-release",
"nfdump": "1.7.4-release",
"sfcapd": "1.7.4-release"
},
"uptime": "2 dias, 04:42"
}
}
/api/filter/ports
http://[ip]:[port]/api/filter/ports
This endpoint returns a list of filters based on network ports and protocols (TCP, UDP, ICMP, GRE) used for various network services, as present in the fav-services-graphs.json file.
Output
[
{
"description": "DNS (UDP/TCP)",
"filter": "DIRECTION port 53 AND (proto udp OR proto tcp)"
},
{
"description": "MySQL (TCP)",
"filter": "DIRECTION port 3306 AND (proto tcp)"
},
{
"description": "POP E-Mail (TCP)",
"filter": "DIRECTION port 110 OR DIRECTION port 143 OR DIRECTION port 995 AND (proto tcp)"
},
{
"description": "Ping (ICMP)",
"filter": "proto icmp"
},
{
"description": "SNMP (UDP)",
"filter": "DIRECTION port 161 OR DIRECTION port 162 AND (proto udp)"
},
{
"description": "Tunel GRE (GRE)",
"filter": "proto gre"
}
]
/api/filter/custom
http://[ip]:[port]/api/filter/custom
This endpoint returns a list of filters from the custom-filters.json file.
Output
[
{
"filter": "dst port 21 and (flags F or flags R)",
"name": "FTP brute force"
},
{
"filter": "dst port 8291 and (flags F or flags R)",
"name": "Winbox brute force"
},
{
"filter": "dst port 2000 and (flags F or flags R)",
"name": "Mikrotik Btest brute force"
},
{
"filter": "dst port 53 and (flags F or flags R)",
"name": "DNS brute force"
}
]
Field Descriptions
filter: Filter expression.name: Name of the filter.
Example API calls:
http://186.250.168.49:5000/api/listpeer/${source}
http://186.250.168.49:5000/api/listpeer/Borda
Field Descriptions
description: Description of the network service or protocol corresponding to the filter (e.g., “DNS”, “FTP”, “Web HTTP/HTTPS”).filter: Logical expression defining the traffic filter, including network port, direction (in/out), and associated protocols (TCP, UDP, ICMP, etc.).
/api/disktest
http://[ip]:[port]/api/disktest
Performs disk read and write speed tests.
{
"read_speed": "2 GB/s",
"write_speed": "988 MB/s"
}
/api/conf
http://[ip]:[port]/api/conf
This endpoint returns the config.json file.
/api/conf/fav/as_prefix_only
http://[ip]:[port]/api/conf/fav/as_prefix_only
This endpoint returns a list of filters from the fav-asn-prefix-graphs.json file.
Output
[
{
"description": "Youtube",
"filter": {
"as": [
"36040"
],
"prefix": [
"34.104.32.0/21",
"34.126.224.0/20",
"34.187.0.0/24",
"64.15.112.0/20",
"70.32.133.0/24",
"104.237.160.0/19",
"136.22.128.0/19",
"136.117.0.0/24",
"142.250.34.0/24",
"185.192.248.0/26",
"185.192.249.0/24",
"185.192.251.192/26",
"190.210.140.128/27",
"194.122.80.0/22",
"207.126.144.0/20",
"208.65.152.0/22",
"208.76.215.0/24",
"208.117.224.0/19",
"209.85.137.0/24"
]
}
},
{
"description": "Google Cloud",
"filter": " as 396982"
},
{
"description": "Google",
"filter": " as 15169"
}
]
Field Descriptions
description: Description of the service or company related to the ASN and/or prefix (e.g., “Youtube”, “Google Cloud”, “Google”).filter: Applied filter, which can contain only the ASN number or a combination of ASN and prefixes.as: List of Autonomous Systems (ASNs) associated with the service.prefix: List of network prefixes in CIDR format associated with the service.
/api/conf/my_prefix
http://[ip]:[port]/api/conf/my_prefix
This endpoint returns a list of network prefixes, both IPv4 and IPv6, from the my-prefix.json file.
Output
[
{
"description": "IPv4 10.0.68.0/24",
"filter": "DIRECTION net 10.0.68.0/24"
},
{
"description": "IPv4 10.0.69.0/24",
"filter": "DIRECTION net 10.0.69.0/24"
},
{
"description": "IPv6 2001db8::/33",
"filter": "DIRECTION net 2001db8::/33"
},
{
"description": "IPv6 2001db8:8000::/33",
"filter": "DIRECTION net 2001db8:8000::/33"
}
]
Field Descriptions
description: Description.filter: Filter used to define network traffic based on the network prefix. The filter uses the termDIRECTION netto specify the direction of traffic in the network.
/api/conf/fav/as_prefix_int
http://[ip]:[port]/api/conf/fav/as_prefix_int
This endpoint returns a list of filters from the my-prefix-int.json file.
Output
[
{
"description": "Servidores",
"filter": "DIRECTION net 192.168.168.0/26 OR DIRECTION net 2001:db8:bebe:cafe::/64"
}
]
Field Descriptions
description: Description.filter: Filter.
/api/listinterfacesnmp/{source}
http://[ip]:[port]/api/listinterfacesnmp/{source}
This endpoint returns a list of SNMP interfaces, allowing identification of monitored network interfaces on a specific router or switch, based on the source provided in the {source} parameter. The returned data comes from the corresponding SNMP interfaces configuration file.
Parameters
source: Name of the data source. This parameter defines which set of SNMP i*
/api/listpeer/{source}
http://[ip]:[port]/api/listpeer/{source}
This endpoint returns a list of BGP peers from the peers.json file.
Example
http://[ip]:[port]/api/listpeer/Borda
Output
[
{
"filter": "bgpnext ip 10.50.50.6",
"name": "PROVIDER X AS123456789 (10.50.50.6)"
},
{
"filter": "bgpnext ip FD00:BACB:50:252::2",
"name": "PROVIDER X AS123456789 (FD00:BACB:50:252::2)"
}
]
Field Descriptions
filter: The filter to identify BGP traffic associated with the peer, based on the next hop (bgpnext ip).name: The descriptive name of the peer, including the autonomous system (ASN) and the IP address.
/api/all_asn_data/{asn}
http://[ip]:[port]/api/all_asn_data/{asn}
This endpoint returns detailed data about an Autonomous System Number (ASN), including information about IP prefixes, upstreams, downstreams, and more. Below is an example JSON output and field explanations.
Example Call
http://[ip]:[port]/api/all_asn_data/123456789
Output JSON
{
"asn_info": {
"asn": 123456789,
"country_code": "BR",
"date_allocated": "2018-06-11 00:00:00",
"date_updated": "2024-09-17 07:23:26",
"name": "Remontti Telecomunicacoes Ltda",
"rir_name": "Lacnic",
"website": null
},
"downstreams": {
"ip_downstreams": [
{
"asn": 987654321,
"country_code": "BR",
"ipv4": "Sim",
"ipv6": "Não",
"name": "CHAVES EIRELI"
}
],
"total_ipv4_downstreams": 1,
"total_ipv6_downstreams": 0
},
"ixs": {
"total_ixs": 0
},
"prefixes": {
"ip_prefixes": [
{
"ip_version": "IPv4",
"prefix": "10.0.196.0/22",
"roa_status": "Valid"
},
{
"ip_version": "IPv6",
"prefix": "2001:db8::/32",
"roa_status": "Valid"
}
],
"total_ipv4_prefixes": 7,
"total_ipv6_prefixes": 7
},
"upstreams": {
"ip_upstreams": [
{
"asn": 9999999,
"country_code": "BR",
"ipv4": "Sim",
"ipv6": "Sim",
"name": "Madruga Telecomunicacoes Ltda"
}
],
"total_ipv4_upstreams": 1,
"total_ipv6_upstreams": 1
}
}
Field Descriptions
asn_info
asn: Autonomous System Number.country_code: Country code associated with the ASN.date_allocated: Date the ASN was allocated.date_updated: Last update date of the ASN.name: Name of the organization associated with the ASN.rir_name: Name of the Regional Internet Registry (RIR) that allocated the ASN.website: Organization’s website (if available).
downstreams
ip_downstreams: List of autonomous systems that are downstream of this ASN.asn: Downstream ASN number.ipv4: Indicates IPv4 support.ipv6: Indicates IPv6 support.name: Name of the downstream organization.total_ipv4_downstreams: Total number of downstreams with IPv4 support.total_ipv6_downstreams: Total number of downstreams with IPv6 support.
ixs
total_ixs: Total number of Internet Exchange Points (IXs) associated with the ASN.
prefixes
ip_prefixes: List of network prefixes (IPv4 and IPv6) associated with the ASN.ip_version: IP version (IPv4 or IPv6).prefix: IP block in CIDR format.roa_status: ROA (Route Origin Authorization) status associated with the prefix.total_ipv4_prefixes: Total number of IPv4 prefixes associated with the ASN.total_ipv6_prefixes: Total number of IPv6 prefixes associated with the ASN.
upstreams
ip_upstreams: List of autonomous systems that are upstream of this ASN.asn: Upstream ASN number.ipv4: Indicates IPv4 support.ipv6: Indicates IPv6 support.name: Name of the upstream organization.total_ipv4_upstreams: Total number of upstreams with IPv4 support.total_ipv6_upstreams: Total number of upstreams with IPv6 support.
This endpoint provides a comprehensive overview of information related to a specific ASN, including upstreams, downstreams, prefixes, and ROA status.
/api/db/traf
Prints the output of data_traffic_analysis.json
/api/db/traf/{description}
Prints the collected data output from data_traffic_analysis.json
/api/db/traf/{start}/{stop}/{description}
/api/db/traf/{start}/{stop}/{description}
start and stop can be provided as timestamp or in the format YYYY-MM-DD HH:MM:SS
Example:
/api/db/traf/1729195187432/1729198787432/Suspicious%20Traffic
/api/db/traf/2024-10-17 11:00:00/2024-10-17 12:00:00/Suspicious Traffic
[
{
"aggr_flows": 1,
"bpp": 619,
"bps": 84514,
"bytes": 633856,
"packets": 1024,
"timestamp": 1729195200
},
{
"aggr_flows": 2,
"bpp": 579,
"bps": 158242,
"bytes": 1186816,
"packets": 2048,
"timestamp": 1729195560
},
...
]
/api/test/email
Email Server Connectivity Test
/api/test/email/connection
Email Sending Test
/api/test/email/{message}/{destination-email}
/api/test/email/Message/company1@company1.com
/api/test/telegram
Telegram Message Sending Test
/api/test/telegram/{message}
/api/test/telegram/{message}/{chat id}
/api/test/telegram/{message}
/api/test/telegram/{message}/{chat id}
/api/ping/
Performs a ping test to the specified destination. It returns detailed information about latency and packet loss for the destination, for both IPv4 and IPv6. The destination can be any valid domain name or IP address.
/api/ping/google.com.br
{
"destino": "google.com.br",
"resultados": {
"4": {
"destino": "google.com.br",
"estatisticas": {
"asn": "AS15169 GOOGLE",
"latencia_maxima_ms": 17.155,
"latencia_media_ms": 17.12,
"latencia_minima_ms": 17.077,
"latitude": 37.751,
"longitude": -97.822,
"pacotes_enviados": 4,
"pacotes_recebidos": 4,
"perda_percentual": 0.0
},
"familia": "4",
"pacotes": [
{
"ip": "172.217.29.195",
"rtt_ms": 17.1
},
{
"ip": "172.217.29.195",
"rtt_ms": 17.1
},
{
"ip": "172.217.29.195",
"rtt_ms": 17.2
},
{
"ip": "172.217.29.195",
"rtt_ms": 17.1
}
]
},
"6": {
"destino": "google.com.br",
"estatisticas": {
"asn": "AS15169 GOOGLE",
"latencia_maxima_ms": 18.144,
"latencia_media_ms": 18.067,
"latencia_minima_ms": 17.993,
"latitude": -23.5335,
"longitude": -46.6359,
"pacotes_enviados": 4,
"pacotes_recebidos": 4,
"perda_percentual": 0.0
},
"familia": "6",
"pacotes": [
{
"ip": "2800:3f0:4001:838::2003",
"rtt_ms": 18.1
},
{
"ip": "2800:3f0:4001:838::2003",
"rtt_ms": 18.1
},
{
"ip": "2800:3f0:4001:838::2003",
"rtt_ms": 18.1
},
{
"ip": "2800:3f0:4001:838::2003",
"rtt_ms": 18.0
}
]
}
}
}
/api/trace/
Performs a traceroute test to the specified destination. It returns information about the hops that packets pass through to reach the destination, including latency and the ASN (Autonomous System Number) of each hop. The destination can be a valid domain name or an IP address.
/api/trace/google.com.br
{
"destino": "google.com.br",
"resultados": {
"4": {
"destino": "google.com.br",
"familia": "4",
"ip_destino": "172.217.29.195",
"saltos": [
{
"asn": null,
"ip": "10.50.50.1",
"latitude": null,
"longitude": null,
"reverse_dns": null,
"rtt_ms": 1.15,
"salto": 1
},
{
"asn": null,
"ip": "10.50.50.18",
"latitude": null,
"longitude": null,
"reverse_dns": null,
"rtt_ms": 1.11,
"salto": 2
},
{
"asn": null,
"ip": "187.16.218.58",
"latitude": -22.8305,
"longitude": -43.2192,
"reverse_dns": "as15169.saopaulo.sp.ix.br",
"rtt_ms": 16.54,
"salto": 3
},
{
"asn": "AS15169 GOOGLE",
"ip": "142.251.64.27",
"latitude": 37.751,
"longitude": -97.822,
"reverse_dns": null,
"rtt_ms": 17.59,
"salto": 4
},
{
"asn": "AS15169 GOOGLE",
"ip": "192.178.110.189",
"latitude": 37.751,
"longitude": -97.822,
"reverse_dns": null,
"rtt_ms": 17.5,
"salto": 5
},
{
"asn": "AS15169 GOOGLE",
"ip": "172.217.29.195",
"latitude": 37.751,
"longitude": -97.822,
"reverse_dns": "eze04s11-in-f3.1e100.net",
"rtt_ms": 17.0,
"salto": 6
}
],
"status": "destino alcançado"
},
"6": {
"destino": "google.com.br",
"familia": "6",
"ip_destino": "2800:3f0:4001:835::2003",
"saltos": [
{
"asn": null,
"ip": "fd00:bacb:50::1",
"latitude": null,
"longitude": null,
"reverse_dns": null,
"rtt_ms": 1.98,
"salto": 1
},
{
"asn": null,
"ip": "fd00:bacb:50:16::2",
"latitude": null,
"longitude": null,
"reverse_dns": null,
"rtt_ms": 1.96,
"salto": 2
},
{
"asn": null,
"ip": "2001:12f8::218:58",
"latitude": -22.8305,
"longitude": -43.2192,
"reverse_dns": "as15169.saopaulo.sp.ix.br",
"rtt_ms": 16.49,
"salto": 3
},
{
"asn": "AS15169 GOOGLE",
"ip": "2001:4860:0:1::7cdb",
"latitude": null,
"longitude": null,
"reverse_dns": null,
"rtt_ms": 17.06,
"salto": 4
},
{
"asn": "AS15169 GOOGLE",
"ip": "2001:4860:0:1::8b31",
"latitude": null,
"longitude": null,
"reverse_dns": null,
"rtt_ms": 16.45,
"salto": 4
},
{
"asn": "AS15169 GOOGLE",
"ip": "2800:3f0:4001:835::2003",
"latitude": -23.5335,
"longitude": -46.6359,
"reverse_dns": null,
"rtt_ms": 17.18,
"salto": 6
}
],
"status": "destino alcançado"
}
}
}