SBN

NSFOCUS WAF Security Reports

NSFOCUS WAF security reports are divided into classification-specific alert reports and period-specific alert reports. You can acquire reports based on query conditions, such as websites, event types, statistic collection periods, and statistic collection time.

1. Generation procedure: Logs & Reports > Security Reports > Classification-Specific Alert Report or Period-Specific Alert Report > Choose the query conditions and click Generate.

Parameters for generating Classification-Specific Alert Report

Parameter Description
Website Websites whose statistics are to be queried. NSFOCUS WAF automatically generates a website list based on your website configurations. If you select no website, but select the Global policies check box, an alert report on events triggering network-layer access control policies will be generated.
Frequency Report preview interval, which can be Daily Report, Weekly Report, or Monthly Report.
Date Date of statistics to be queried.

You can view statistics about web security events of the specified websites within the statistic collection period.

The below figure shows a classification-specific alert report with the Website set to all and the Frequency set to Monthly Report. This report includes two parts: Classification-Specific Alert Matching Measurement and Classification-Specific Alert Measurement.

  • The Classification-Specific Alert Matching Measurement part shows the occurrence times and proportions of various web security events.
  • In the Classification-Specific Alert Measurement part, NSFOCUS WAF merges web security events with the same elements into one security event every minute, and calculates the occurrence times and proportions of various merged web security events. The elements include the server, client IP address, port, and event type.

Click to the upper right of the report and set parameters in the Report Export dialog box to save the report as an Excel file to the local (Optional).

Click to print the report (Optional).

2. Generation procedure: Logs & Reports > Security Reports > Period-Specific Alert Report > Choosethe query conditions and click Generate.

Parameters for generating Period-Specific Alert Report

Parameter Description
Event Type Security event types, which are built in NSFOCUS WAF.
Frequency Report preview interval, which can be Daily Report, Weekly Report, or Monthly Report.
Date Date of statistics to be queried.

You can view statistics about various web security events in different periods.

The figure below shows a period-specific alert report with Event Type set to all and Frequency set to Monthly Report. This report includes two parts: Period-Specific Alert Matching Measurement and Period-Specific Alert Measurement.

  • The Period-Specific Alert Matching Measurement part shows the occurrence times and proportions of various web security events occurring in different periods.
  • In the Period-Specific Alert Measurement part, NSFOCUS WAF merges web security events with the same elements into one security event every minute, and calculates the occurrence times and proportions of various merged web security events in each period. The elements include the server, client IP address, port, and event type.

Click  to the upper right of the report and set parameters in the Report Export dialog box to save the report as an Excel file to the local (Optional).

Click to print the report (Optional).

The post NSFOCUS WAF Security Reports appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

*** This is a Security Bloggers Network syndicated blog from NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks. authored by NSFOCUS. Read the original post at: https://nsfocusglobal.com/nsfocus-waf-security-reports/