Skip to main content

Aaa Accounting

Endpoints Summary

Method Path Swagger
GET /aaa_accounting/ Swagger ↗
GET /aaa_accounting/{radacctid}/ Swagger ↗

The AAA Accounting endpoints provide access to RADIUS accounting records that track user authentication, authorization, and accounting (AAA) sessions. These endpoints allow you to retrieve detailed session information including connection times, data usage, network details, and session status for monitoring and reporting purposes.

Base URL: https://gate.zequenze.com/api/v1

Authentication: All endpoints require a Bearer token:

Authorization: Bearer <your-api-token>

Overview

The AAA Accounting API category provides comprehensive access to RADIUS accounting data that tracks network access sessions across your organization. These endpoints are essential for network administrators, security teams, and compliance officers who need to monitor user activity, track bandwidth usage, and generate detailed reports on network access patterns.

Key Features:

  • Session Tracking: Monitor active and historical user sessions with detailed start/stop times
  • Data Usage Monitoring: Track input/output data volumes for bandwidth analysis and billing
  • Network Diagnostics: Access detailed connection information including NAS details, IP addresses, and connection methods
  • Multi-dimensional Filtering: Filter records by user, location, access point, client, and time ranges for targeted analysis
  • Real-time Status: Distinguish between active and completed sessions for live monitoring

Common Use Cases:

  • Generate compliance reports showing user access patterns and session durations
  • Monitor bandwidth usage across different locations and access points
  • Troubleshoot network connectivity issues by examining session termination causes
  • Track user behavior for security analysis and anomaly detection
  • Create billing reports based on session time and data usage

The accounting records follow the RADIUS accounting standard, capturing comprehensive session metadata from network access servers (NAS) across your infrastructure.

Endpoints

GET /aaa_accounting/

Description: Retrieves a paginated list of AAA accounting records with comprehensive filtering options. This endpoint is the primary method for accessing historical and active session data, allowing you to filter by time ranges, users, locations, and session status for detailed network usage analysis.

Use Cases:

  • Generate monthly bandwidth usage reports for specific locations or users
  • Monitor active sessions to identify current network load and user activity
  • Audit user access patterns for compliance and security purposes
  • Troubleshoot connectivity issues by examining recent session terminations

Full URL Example:

https://gate.zequenze.com/api/v1/aaa_accounting/?start_date=2024-01-01&end_date=2024-01-31&session_status=active&limit=50

Parameters:

Parameter Type In Required Description
start_date string query No Filter records from this date/time in ISO format (2024-01-01, 2024-01-01 00:01:00, 2024-01-01 00:01:00+00:00)
end_date string query No Filter records until this date/time in ISO format (2024-01-31, 2024-01-31 23:59:59, 2024-01-31 23:59:59+00:00)
user integer query No Filter transactions by specific user ID
access_point integer query No Filter transactions by specific access point ID
location integer query No Filter transactions by specific location ID
client integer query No Filter transactions by specific client ID
cursor string query No Pagination cursor value for cursor-based pagination
limit integer query No Number of results per page (default: 20, max: 100)
session_status string query No Filter by session status: 'all', 'active', or 'inactive'

cURL Example:

curl -X GET "https://gate.zequenze.com/api/v1/aaa_accounting/?start_date=2024-01-01&session_status=active&limit=25" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

Example Response:

{
  "next": "https://gate.zequenze.com/api/v1/aaa_accounting/?cursor=eyJpZCI6MTAwfQ%3D%3D&limit=25",
  "previous": null,
  "results": [
    {
      "radacctid": 12345,
      "acctsessionid": "8C:DC:D4:B2:FE:E8-01-5E-7B-9A-2C",
      "acctuniqueid": "f47ac10b58cc4372a5670e02b2c3d479",
      "username": "john.doe@company.com",
      "groupname": "employees",
      "realm": "company.com",
      "nasipaddress": "192.168.1.10",
      "nasportid": "wireless-controller-1",
      "nasporttype": "Wireless-IEEE-802.11",
      "acctstarttime": "2024-01-15T09:30:15Z",
      "acctupdatetime": "2024-01-15T11:45:30Z",
      "acctstoptime": null,
      "acctinterval": 300,
      "acctsessiontime": 8115,
      "acctauthentic": "RADIUS",
      "connectinfo_start": "CONNECT 802.11g 54Mbps",
      "connectinfo_stop": null,
      "acctinputoctets": 45678912,
      "acctoutputoctets": 123456789,
      "calledstationid": "AP-Office-01",
      "callingstationid": "8C:DC:D4:B2:FE:E8",
      "acctterminatecause": null,
      "servicetype": "Framed-User",
      "framedprotocol": "PPP",
      "framedipaddress": "10.0.1.155",
      "organization_id": "org_001",
      "user_id": "user_12345",
      "user_transaction_id": "txn_abc123",
      "client_id": "client_001",
      "client_short_name": "Main Office",
      "location_id": "loc_001",
      "access_point_id": "ap_001",
      "access_point_name": "Office-WiFi-01",
      "location_name": "Corporate Headquarters",
      "nasidentifier": "wireless-nas-01",
      "klass": "premium",
      "access_point_mac_addr": "00:1B:44:11:3A:B7",
      "ssid": "Corporate-WiFi"
    }
  ]
}

Response Codes:

Status Description
200 Success - Returns the paginated list of accounting records
400 Bad Request - Invalid date format or parameter values
401 Unauthorized - Invalid or missing API token
403 Forbidden - Insufficient permissions to access accounting data

GET /aaa_accounting/{radacctid}/

Description: Retrieves detailed information for a specific AAA accounting record by its unique RADIUS accounting ID. This endpoint provides complete session details including all RADIUS attributes, connection metadata, and organizational context for in-depth session analysis.

Use Cases:

  • Investigate specific user sessions for security or compliance audits
  • Troubleshoot individual connection issues with detailed session metadata
  • Extract complete session information for billing or usage reporting
  • Analyze session termination causes and connection quality metrics

Full URL Example:

https://gate.zequenze.com/api/v1/aaa_accounting/12345/

Parameters:

Parameter Type In Required Description
radacctid integer path Yes Unique RADIUS accounting record identifier

cURL Example:

curl -X GET "https://gate.zequenze.com/api/v1/aaa_accounting/12345/" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

Example Response:

{
  "radacctid": 12345,
  "acctsessionid": "8C:DC:D4:B2:FE:E8-01-5E-7B-9A-2C",
  "acctuniqueid": "f47ac10b58cc4372a5670e02b2c3d479",
  "username": "jane.smith@company.com",
  "groupname": "administrators",
  "realm": "company.com",
  "nasipaddress": "192.168.1.15",
  "nasportid": "ethernet-switch-port-24",
  "nasporttype": "Ethernet",
  "acctstarttime": "2024-01-15T08:00:00Z",
  "acctupdatetime": "2024-01-15T17:30:45Z",
  "acctstoptime": "2024-01-15T17:30:45Z",
  "acctinterval": 600,
  "acctsessiontime": 34245,
  "acctauthentic": "Local",
  "connectinfo_start": "CONNECT Ethernet 1000Mbps Full-Duplex",
  "connectinfo_stop": "DISCONNECT User-Request",
  "acctinputoctets": 987654321,
  "acctoutputoctets": 456789123,
  "calledstationid": "SW-Floor2-Port24",
  "callingstationid": "00:1A:2B:3C:4D:5E",
  "acctterminatecause": "User-Request",
  "servicetype": "Administrative-User",
  "framedprotocol": "PPP",
  "framedipaddress": "10.0.2.50",
  "organization_id": "org_001",
  "user_id": "user_67890",
  "user_transaction_id": "txn_xyz789",
  "client_id": "client_002",
  "client_short_name": "IT Department",
  "location_id": "loc_002",
  "access_point_id": "sw_001",
  "access_point_name": "Floor2-Switch-01",
  "location_name": "Second Floor Office",
  "nasidentifier": "ethernet-nas-02",
  "klass": "administrative",
  "access_point_mac_addr": "00:50:56:A1:B2:C3",
  "ssid": null
}

Response Codes:

Status Description
200 Success - Returns the detailed accounting record
401 Unauthorized - Invalid or missing API token
403 Forbidden - Insufficient permissions to access this record
404 Not Found - Accounting record with specified ID does not exist

Common Use Cases

Use Case 1: Monthly Bandwidth Usage Report

Generate comprehensive usage reports by filtering records within specific date ranges and aggregating data usage by location or user groups. Use the list endpoint with start_date, end_date, and location parameters to create detailed bandwidth consumption reports.

Use Case 2: Real-time Session Monitoring

Monitor currently active network sessions by filtering with session_status=active to identify peak usage times, current user load, and active connection patterns across different access points and locations.

Use Case 3: Security Incident Investigation

Investigate suspicious network activity by retrieving specific user sessions during incident timeframes, examining session termination causes, connection sources, and data transfer patterns for forensic analysis.

Use Case 4: Compliance Auditing

Create detailed audit trails by filtering sessions for specific users or time periods, documenting access patterns, session durations, and data usage for regulatory compliance requirements.

Use Case 5: Network Performance Analysis

Analyze connection quality and performance by examining session termination causes, connection types, and data transfer rates across different access points to identify infrastructure optimization opportunities.

Best Practices

  • Use Date Filtering: Always apply appropriate start_date and end_date filters to limit result sets and improve query performance, especially when dealing with large datasets spanning multiple months.

  • Implement Pagination: Use the limit parameter (recommended: 50-100 records per request) and cursor-based pagination for efficient data retrieval when processing large volumes of accounting records.

  • Filter Strategically: Combine multiple filter parameters (user, location, access_point) to narrow down results and reduce API response times while minimizing unnecessary data transfer.

  • Cache Session Data: For frequently accessed reports or dashboards, implement appropriate caching strategies as accounting data is typically historical and doesn't change once sessions are completed.

  • Monitor Active Sessions: Use session_status=active filtering sparingly and implement reasonable polling intervals (5-10 minutes) to avoid overwhelming the API when monitoring real-time sessions.

  • Handle Time Zones: Ensure consistent timezone handling when filtering by dates, preferably using UTC timestamps with explicit timezone offsets in ISO format.

  • Error Handling: Implement robust error handling for common scenarios like missing records (404), rate limiting (429), and temporary service unavailability (503).

  • Security Considerations: AAA accounting data contains sensitive user information - ensure API tokens are securely stored and access is limited to authorized personnel only.

No comments to display

Back to top