Skip to main content

Aaa Accounting

RetrieveThe AAA Accounting API provides access to network authentication, authorization, and view AAA (Authentication, Authorization, and Accounting) accounting recordsrecords. These endpoints allow you to retrieve detailed session information for network access sessions.monitoring, compliance reporting, and user activity analysis across access points, locations, and clients.

Base URL: https://gate.zequenze.com/api/v1

Authentication: All endpoints require a Bearer token:

Authorization: Bearer <your-api-token>

Overview

The AAA (Authentication, Authorization, and Accounting) Accounting API enables you to access comprehensive network session records and user activity logs. This API is essential for network administrators, security teams, and compliance officers who need to monitor network access, generate usage reports, and audit user sessions.

Key Features:

    Session Tracking: Monitor active and completed network sessions with detailed metadata Flexible Filtering: Filter records by date ranges, users, access points, locations, and clients Compliance Reporting: Generate audit trails for regulatory compliance and security analysis Real-time Monitoring: Track session status and user activity across your network infrastructure

    Common Integration Scenarios:

      Building network monitoring dashboards Generating compliance and audit reports Analyzing user access patterns and network usage Implementing automated security alerts based on session data Creating billing systems based on network usage

      Endpoints

      GET /aaa_accounting/

      Description: Retrieves a paginated list of AAA accounting records with optionalcomprehensive filtering byoptions. dateThis range,endpoint user,is accessthe point,primary location,method client,for accessing network session data and supports various filter parameters to narrow down results based on time periods, users, network locations, and session status.

      Use Cases:

        Generate daily/weekly/monthly network usage reports Monitor active sessions across all access points Audit user access patterns for security analysis Create billing reports based on session duration and data usage Track network activity by location or client device

        Full URL Example:

        https://gate.zequenze.com/api/v1/aaa_accounting/?start_date=2024-01-01&end_date=2024-01-31&session_status=active&limit=50

        Parameters:

        Parameter Type In Required Description
        start_date string query No Filter byrecords startfrom datetimethis indate/time onwards. Supports ISO formatformat: (2000-2024-01-01,01, 2000-2024-01-01 00:01:00,00, 2000-or 2024-01-01 00:01:00+00:00)00
        end_date string query No Filter byrecords endup datetimeto inthis date/time. Uses same ISO format (2000-01-01,as 2000-01-01 00:01:00, 2000-01-01 00:01:00+00:00)start_date
        user integer query No Filter records by usernamespecific field (user ID)ID to show sessions for a particular user
        access_point integer query No Filter records by access point ID to show sessions from specific network hardware
        location integer query No Filter records by location ID to analyze usage at specific physical locations
        client integer query No Filter records by client ID to track sessions from specific client devices
        cursor string query No Pagination cursor for retrieving the next page of results
        limit integer query No Number of resultsrecords to return per page (default varies)varies, typically 20-100)
        session_status string query No Filter by session activestatus - use 'active' for ongoing sessions or other status values

        ExamplecURL Request:Example:

        curl -X GET "https://gate.zequenze.com/api/v1/aaa_accounting/?start_date=2024-01-01&user=123&limit=50&session_status=active25" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

        Example Response:

        {
  "count": 234,1247,
  "next": "https://gate.zequenze.com/api/v1/aaa_accounting/?cursor=eyJpZCI6MTIzfQ%eyJpZCI6MTAwfQ%3D%3D",
  "previous": null,
  "results": [
    {
      "radacctid": 12345,
      "username": "john.doe"doe@company.com",
      "access_point"realm": 101,"company.com",
      "location"nas_ip_address": "192.168.1.100",
      "nas_port_id": "wlan0",
      "nas_port_type": "Wireless-802.11",
      "access_point_id": 15,
      "access_point_name": "AP-Building-A-Floor-2",
      "location_id": 3,
      "location_name": "Main Office Building A",
      "client_id": 89,
      "client_mac": "aa:bb:cc:dd:ee:ff",
      "called_station_id": "Corporate-WiFi",
      "calling_station_id": "aa:bb:cc:dd:ee:ff",
      "acct_session_id": "8A7B6C5D4E3F2A1B",
      "acct_start_time": "2024-01-15T09:15:30Z",
      "acct_stop_time": null,
      "acct_session_time": 14420,
      "acct_input_octets": 2547891234,
      "acct_output_octets": 456789123,
      "acct_input_packets": 1847329,
      "acct_output_packets": 892341,
      "acct_terminate_cause": null,
      "framed_ip_address": "10.0.1.45",
      "session_status": "active",
      "created_at": "2024-01-15T09:15:30Z",
      "updated_at": "2024-01-15T13:15:50Z"
    },
    {
      "radacctid": 12344,
      "username": "jane.smith@company.com",
      "realm": "company.com",
      "nas_ip_address": "192.168.1.101",
      "nas_port_id": "eth1/0/24",
      "nas_port_type": "Ethernet",
      "access_point_id": 8,
      "access_point_name": "Switch-Building-B-Floor-1",
      "location_id": 5,
      "client": 25,
      "session_id"location_name": "abc123def456"Branch Office Building B",
      "start_time"client_id": 156,
      "client_mac": "ff:ee:dd:cc:bb:aa",
      "called_station_id": "Corporate-LAN",
      "calling_station_id": "ff:ee:dd:cc:bb:aa",
      "acct_session_id": "9B8A7C6D5E4F3A2C",
      "acct_start_time": "2024-01-01T09:15T08:30:00Z"15Z",
      "end_time"acct_stop_time": "2024-01-01T17:15T17:45:00Z"22Z",
      "session_duration"acct_session_time": 29700,33307,
      "bytes_sent"acct_input_octets": 1048576,1234567890,
      "bytes_received"acct_output_octets": 5242880,9876543210,
      "acct_input_packets": 2847593,
      "acct_output_packets": 1947382,
      "acct_terminate_cause": "User-Request",
      "framed_ip_address": "10.0.2.78",
      "session_status": "completed",
      "nas_ip_address"created_at": "192.168.1.10"2024-01-15T08:30:15Z",
      "updated_at": "2024-01-15T17:45:22Z"
    }
  ]
}

        Response Codes:

        Status Description
        200 Success - Returns paginated list of AAA accounting records
        400 Bad Request - Invalid date format or parameter values 401 Unauthorized - Invalid or missing BearerAPI token 403 Forbidden - Insufficient permissions to access accounting data

        GET /aaa_accounting/{radacctid}/

        Description: Retrieves detailed information for a specific AAA accounting record byusing its unique RADIUS accounting ID. This endpoint provides complete session details including timing, data usage, network information, and termination details for individual network sessions.

        Use Cases:

          Investigate specific user session details for troubleshooting Retrieve complete session information for audit purposes Analyze individual session patterns and data usage Generate detailed reports for specific network incidents Export session data for compliance documentation

          Full URL Example:

          https://gate.zequenze.com/api/v1/aaa_accounting/12345/

          Path Parameters:

          Parameter Type In Required Description
          radacctid integer path Yes The unique RADIUS accounting ID offor the session record to retrieve

          ExamplecURL Request:Example:

          curl -X GET "https://gate.zequenze.com/api/v1/aaa_accounting/12345/" \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json"

          Example Response:

          {
  "radacctid": 12345,
  "username": "john.doe"doe@company.com",
  "access_point": 101,
  "location": 5,
  "client": 25,
  "session_id"realm": "abc123def456",
  "start_time": "2024-01-01T09:30:00Z",
  "end_time": "2024-01-01T17:45:00Z",
  "session_duration": 29700,
  "bytes_sent": 1048576,
  "bytes_received": 5242880,
  "packets_sent": 2048,
  "packets_received": 8192,
  "session_status": "completed"company.com",
  "nas_ip_address": "192.168.1.10"100",
  "nas_port"nas_identifier": "wireless-1"corporate-wifi-controller-01",
  "nas_port_id": "wlan0",
  "nas_port_type": "Wireless-802.11",
  "access_point_id": 15,
  "access_point_name": "AP-Building-A-Floor-2",
  "access_point_location": "Building A, Floor 2, Conference Room",
  "location_id": 3,
  "location_name": "Main Office Building A",
  "location_address": "123 Corporate Blvd, Suite 100",
  "client_id": 89,
  "client_mac": "aa:bb:cc:dd:ee:ff",
  "client_vendor": "Apple Inc.",
  "client_device_type": "smartphone",
  "called_station_id": "Corporate-WiFi",
  "calling_station_id": "aa:bb:cc:dd:ee:ff",
  "called_station_id"acct_session_id": "00:11:22:33:44:55:SSID-Guest"8A7B6C5D4E3F2A1B",
  "terminate_cause"acct_unique_id": "User-Request"f47ac10b-58cc-4372-a567-0e02b2c3d479",
  "acct_start_time": "2024-01-15T09:15:30Z",
  "acct_stop_time": null,
  "acct_session_time": 14420,
  "acct_input_octets": 2547891234,
  "acct_output_octets": 456789123,
  "acct_input_gigawords": 2,
  "acct_output_gigawords": 0,
  "acct_input_packets": 1847329,
  "acct_output_packets": 892341,
  "acct_terminate_cause": null,
  "acct_status_type": "Interim-Update",
  "acct_authentic": "RADIUS",
  "connect_info": "CONNECT 802.11n/300Mbps",
  "framed_ip_address": "10.0.1.45",
  "framed_netmask": "255.255.255.0",
  "framed_protocol": "PPP",
  "service_type": "Framed-User",
  "session_status": "active",
  "user_agent": "iOS/17.2.1 CFNetwork/1494.0.7 Darwin/23.2.0",
  "vlan_id": 100,
  "tunnel_type": "VLAN",
  "tunnel_medium_type": "IEEE-802",
  "tunnel_private_group_id": "100",
  "class": "employee",
  "created_at": "2024-01-15T09:15:30Z",
  "updated_at": "2024-01-15T13:15:50Z",
  "last_update_time": "2024-01-15T13:15:50Z"
}

          Response Codes:

          Status Description
          200 Success - Returns detailed AAA accounting record
          401 Unauthorized - Invalid or missing BearerAPI token
          403 Forbidden - Insufficient permissions to access this record 404 Not Found - AccountingAAA accounting record with specified radacctidID does not exist

          Common Use Cases

          Use Case 1: Network Usage Monitoring Dashboard

          Retrieve active sessions and recent activity to build real-time network monitoring dashboards. Use the list endpoint with session_status=active and recent date filters to show current network load and user activity.

          Use Case 2: Compliance and Audit Reporting

          Generate comprehensive audit reports by filtering records by date ranges and exporting session details. Use both endpoints to create detailed compliance documentation showing who accessed what resources and when.

          Use Case 3: User Activity Investigation

          When investigating security incidents or troubleshooting user connectivity issues, first use the list endpoint to find sessions for a specific user, then use the detail endpoint to examine complete session information including data usage and termination details.

          Use Case 4: Location-Based Usage Analysis

          Analyze network usage patterns by location using the location filter parameter. This helps identify high-traffic areas, plan network capacity, and optimize access point placement.

          Use Case 5: Billing and Cost Allocation

          Track data usage and session duration for cost allocation or billing purposes. Filter by client or user to calculate usage-based charges or departmental network costs.

          Best Practices

          • Use Date Filters Efficiently: Always specify reasonable date filtersranges to limitavoid largeretrieving resultexcessive setsdata. andThe improveAPI responseperforms timesbetter with focused queries rather than broad date ranges.

          • Implement Proper Pagination: Use the cursor-based pagination using the cursor parameter for efficient browsing of large datasets

          • Setrather appropriatethan limit values based on your application's needstrying to balanceretrieve all records at once. This ensures better performance and usabilityprevents timeouts.

          • Cache Session Details: For frequently accessed accountingsession recordsrecords, implement client-side caching to reduce API callscalls, especially when building dashboards that display the same session information multiple times.

          • Use specific

            Handle filtersTime (user,Zones access_point,Consistently: location,When client)filtering by dates, use ISO 8601 format with timezone information to narrowensure downconsistent results foracross targeteddifferent analysisenvironments and user locations.

          • Handle timezone

            Monitor considerationsRate Limits: Implement appropriate rate limiting and retry logic in your applications, especially when workingprocessing withlarge datetimebatches fieldsof -accounting records for reporting purposes.

          Filter at the API Level: Use the provided filter parameters rather than retrieving all timesrecords areand returnedfiltering client-side. This reduces bandwidth usage and improves application performance.

          Security Considerations: AAA accounting data contains sensitive user and network information. Ensure proper access controls and audit logging for API usage, and never log sensitive session data in UTC

          application Monitorlogs. session status for real-time network access tracking and troubleshooting
          Back to top