View WAF trends
Set report scope
- Go to .
- In the left menu click .
- In the Security Center
menu bar, modify the general settings for the view.
- Switch to view another security configuration. Click the name of the current security configuration and select a different configuration from the menu.
- Set a time period within the last 3 months. Click the date field and select the duration or dates you want to see.
- Specify the section of traffic you want to see in all charts within Web Application Firewall view. At the top of the screen, click the Traffic Segment dropdown and select: Website & API, API, or Website.
- Apply filters
to all charts within Web Application Firewall view to see
results only for a specific dimension, like policy,
hostname, API name, and
On the upper right of the screen, click the filter button. Then, under the dimensions you want, select values to filter on. Click Apply.
To clear filters, click Reset.
- Use filters in charts.
- Choose the
type of traffic displayed in the WAF
Attack Traffic Trends graph. Click the
Traffic dropdown and select the Edge
hits, Edge bandwidth, Edge page requests or Edge error
You can enable and disable either display by selecting and deselecting the All Traffic and Attack Traffic checkboxes.
- Choose what type of attack to display in the WAF Attack Groups Detected graph. Click the Attack Groups dropdown and select a category.
- Choose the type of traffic displayed in the WAF Attack Traffic Trends graph. Click the Traffic dropdown and select the Edge hits, Edge bandwidth, Edge page requests or Edge error views.
Interact with the charts
- In a pie chart, to enable and disable sections of the chart, click a section name in the legend.
- To view the details for a specific moment in time, hover the mouse over a point on the time line.
- For some charts, to switch between the line chart and bar chart views, click and in its header.
- To download the data for further analysis in the CSV format, click the download button that is next to any chart header.
See WAF attack overview
See how much of your traffic has been generated by attack activity in WAF Attack Traffic Summary. The section includes the amount of hits/page requests generated by the WAF activity at the edge servers, and bandwidth served to attacks.
Scroll to the The WAF Attack Traffic Trends graph to check how regular client traffic compares to WAF activity. Enable and disable either display by selecting and deselecting the All Traffic and Attack Traffic checkboxes.
Using the Traffic menu, you can choose the type of traffic displayed:
- Edge Hits. Displays the number of hits on the edge servers.
- Edge Bandwidth. Displays the amount of bandwidth being served.
- Edge Page Requests. Displays the number of pages being requested at the edge.
- Edge Error Views. Displays the number of HTTP errors the edge is issuing.
Investigate which types of WAF attack are most common
The WAF Attack Groups Detected pie chart shows the percentages and number of triggered rule types.
The WAF Attack Groups Detected graph shows the top categories of detected attacks.
View how your security products handle WAF attacks
Firewall Policies Triggered by WAF Attacks shows your top firewall policies that detect WAF attacks.
See which parts of your setup attract WAF attacks
The APIs Targeted by WAF Attacks section displays your APIs that WAF attacks have targeted.
The Hostnames Targeted by WAF Attacks bar chart displays your hostnames and the total number of attacks on each. If you’re filtering WAF trends by security configuration, you’ll also see a column displaying the configuration to which the hostname belongs.
See where WAF attacks originated
The Countries Where WAF Attacks Originated bar chart displays the countries and the number of WAF attacks that originated from each.