19.11.13 - Apigee API Security Reporting release notes

You're viewing Apigee Edge documentation.
Go to the Apigee X documentation.

On Wednesday, November 13, 2019 we began releasing the Beta version of Apigee API security reporting for Public Cloud.

See About release numbering to understand how you can figure it out by comparing release numbers.

Questions or issues? Get help here.

Release notifications: Go to http://status.apigee.com and click Subscribe to Updates.

Release notes home page

New Features

Apigee provides an advanced set of operations and security features called Advanced API Ops available for Edge for Cloud Enterprise customers. Advanced API Ops adds enhanced security reporting to the Edge UI and APIs for accessing the data used by these reports.

Advanced API Ops includes anomaly detection which lets Edge detect traffic and performance issues instead of you having to predetermine them. Advanced API Ops adds new alert types that build on the API Monitoring alert mechanism.

The Advanced API Ops Beta is open to all Apigee Enterprise and Enterprise Plus cloud customers. When generally available, Advanced API Ops will be a paid add-on to Apigee’s Enterprise subscription and will be included as part of its Enterprise Plus subscription.

Updated Overview report screen

The Overview security report now includes information for error distribution by fault code.

See Overview reports for more.

Updated Runtime report screen

The Runtime report now displays information for:

  • Up to 30 days of data.
  • Traffic distribution by developer app.
  • Fault code details, including API proxies affected and occurrences.

See Runtime reports for more.

Updated Configuration report screen

The Configuration report now displays information about how shared flows are used by your proxies, including policies used by the shared flow, and proxies that use the shared flow.

See Configuration reports for more.

Updated User Activity report screen

The User Activity report now lets you view detailed information about individual user activity such as the API and UI calls made by the user.

Only Organization Administrators can access this UI page. No other roles, including Read-Only Organization Administrator, can access this page.

See User Activity reports for more.

Anomaly detection added

With anomaly detection, you let Edge detect traffic and performance issues instead of having to predetermine them yourself. Edge automatically looks for anomaly conditions at the organization, environment, and region levels.

New alerts

This release adds new types of alerts:

  • Anomaly alerts. Edge detects traffic and performance issues instead of you having to predetermine them yourself. You can then raise an alert for these anomalies.
  • Traffic alerts. Lets you raise an alert when traffic changes by a specified percentage over a time range. For example, you can raise an alert when traffic increases by 5% or more for one hour, or decreases by 10% or more for one week.
  • Expiry alerts. Lets you raise a notification when a TLS cert is close to expiring.

New APIs added

The following new APIs have been added to support the new Beta features, including:

See API Security Reporting for a complete list of APIs.

Known issues

The following table lists known issues in this release:
Issue ID Description

Number of logins not correct

The number of logins shown on the User Activity page can be incorrect.