Web security reports
Use web security reporting tools to monitor the effectiveness of protections you set in Kona Site Defender.
After you get protections activated for your website and web apps, you should continuously monitor and assess how they're handling web requests. Each site is different, and you'll inevitably have to adjust controls and protection profiles to achieve the results you want and cut down on false-positives and other issues.
Note: To get data from the security products for your reports, log HTTP header data, and make sure to enable host header logging in your delivery configurations log delivery system (LDS) setting.
Using reports you can tackle the following tasks:
- Monitor daily activity
- Web Security Analytics lets you view traffic and activity as it's happening. Here you can view details for the past day or two and watch as security controls trigger in real time.
- See activity for the last 90 days
- Security Center gives you a higher-level view and shows big-picture data like attack traffic vs. regular traffic.
- Find and confirm false-positives
- The Weekly WAF Tuning Report shows you what the Security Center believes are false-positives. You can investigate and change security policies as needed.
- See attacks by week
- The Weekly Attack Report shows attacks by type and also by security policy. Events that appear in this report are very likely to be actual attacks.
- See activity on protected APIs
- The Application Security Activity Report shows what APIs have been targeted by attacks and hostnames too.
- Tune rate policies
- Use the WAF Rate Control Report to see what kinds of activity your rate controls are capturing. Use this report to tune your rate policies.
- See DoS traffic
- The DoS Activity Report shows any detected DoS attack traffic and resulting actions.