Live Chat Software by Kayako
Postado por Arthur Fernando on 30/Oct 16:48
Classification: CLASSIFIED / PUBLIC
The WAF Dashboard brings graphics reports by groupings or full logs of easy view by the user.
The information can be filtered by log files, maximum amount of file type, refresh time and even by an specific file through the search option.
When choosing an amount, it will be counted the top files from number 1 (with 200, 500, 1000 or 2000 lines in log). The refresh time option allows the statistics to be reloaded manually or automatically in specific periods (10, 30, 60, 90 or 300 seconds).
In the search field, it can be found any registry existing inside log files. The accuracy of the search corresponds to the desired word, and ALL the log file will be analysed.
There are six graphics showing top 10 information based on WAF logs parameters, with three in circle shape, and three in bars.
The order of arrows in circle graphics shows the order, in percentage, of the amount of biggest to the shortest parameters listed in the logs.
If the selected option is remote IP, when clicking the section corresponding to the indicated IP in the left bar, more information (whois) will be displayed related to the address, such as host, AS, IP, BGP prefix, CC, registry, allocation date, AS name, country, and others:
The graphics display the following information:
Shows the remote IPs count in order chosen by the user, crescent or decrescent. The information shown for each remote IP are: upstream IP and server. Whois data will also be displayed when clicking on any remote IP.
2.3- Full logs
In this interface, there is a grid containing a list of various data from WAF logs, and the user may select the order crescent or decrescent of each one according to a relevance (alphabetical, numerical or data order). Furthermore, it is possible to filter what will be listed by clicking the button in red circle, located in the top bottom corner of the grid:
To hide any parameter, just unmark the unwanted and click the green "start process" button in the "Logs filter" board.