The mitigation analysis feature generates two report types — DDoS BGP Mitigation Report and DDoS BGP Events Report — that let you review BGP traffic scrubbing data and DDoS event statistics for your Anti-DDoS Origin Enterprise instance.
What the reports contain:
DDoS BGP Mitigation Report — tracks inbound traffic across multiple dimensions and records scrubbing module activity: Inbound Traffic Monitor, Inbound Traffic Monitor (sort by scrubbing centers), Inbound Traffic Monitor (sort by flow types), PktChk, syn cookie, SrcChk, FDR, DipRate, SrcRate, L7 Filter, L4 Filter, DFPDR, DnsChk, IpDR, AntiTcp, AntiUdp, and AntiOtherTcp.
DDoS BGP Events Report — records statistics on DDoS events.
Prerequisites
Before you begin, ensure that you have:
An Anti-DDoS Origin Enterprise instance with the mitigation analysis feature enabled. For setup instructions, see Enable mitigation analysis.
Status turned on for the mitigation analysis feature. Reports are only available when Status is enabled.
View mitigation reports
Log on to the Traffic Security console.
In the left-side navigation pane, choose Network Security > Anti-DDoS Origin > Mitigation Logs.
In the top navigation bar, select the resource group and region of your instance.
On the Mitigation Logs page, select an Anti-DDoS Origin Enterprise instance and click Log Reports.
Click the tab for the report you want to view: DDoS BGP Mitigation Report or DDoS BGP Events Report.
In the upper-right corner, click Time Range and set a query time range.
Select a relative time, a time frame, or a custom range.
Results may include data generated up to 1 minute before or after the specified time range. To get more precise results, narrow the time range.
View the mitigation reports.