All Products
Search

This Product

    Edge Security Acceleration:Security analytics

    Document Center

    Edge Security Acceleration:Security analytics

    Last Updated:Mar 31, 2025

    The security analytics dashboard provides you visualized analysis of HTTP(S) request traffic via Web Application Firewall (WAF) and bot management. You can create protection rules based on applied filters or make informed adjustments to the existing rules.

    What can you do with security analytics

    With the visualized analysis, you can verify the compliance of request characteristics against valid request baselines, which include but not limited to the header structure, load mode, and access frequency.

    If the traffic deviates from the established baselines, it may signal a potential security threat, such as SQL injection and HTTP flood attack. In such cases, further analysis or intervention is required to mitigate the risk. ESA WAF rules can be used to precisely block requests and trace attacks. This allows for proactive threat handling in a robust security setup.

    Check on the dashboard

    1. In the ESA console, choose Websites and click the website name you want to manage.

    2. In the left-side navigation pane, choose Security > Security Analytics.

    3. Filter your data by time and other query characteristics.

      Note

      The retrieved data has an approximate delay of 5 minutes.

    4. Optional. You can click the image icon to print the report or the image icon to download it.

    5. Optional. Click Create Custom WAF Rule from Filters to create a custom rule based on your applied filters.

    Security analytics panels

    You can see a top data panel and an overview panel.

    Top data panels

    You can filter the data to view the top five or all results in an available dimension:

    image

    The available dimensions are:

    • Referer

    • Host

    • Country/Region

    • Chinese Mainland Provinces

    • Path

    • Edge Status Code

    • Origin Status Code

    • Browser Type

    • OS Type

    • Device Type

    • Client IP

    • Client ISP

    • Client ASN

    • HTTP Version

    • HTTP Method

    • Content Type

    • Cache Status

    Overview panel

    On the Overview panel:

    The Request Analytics tab is an interactive chart that displays the same dimensions as the top data panel.

    image

    The Bot Analytics tabs is an interactive chart that displays incoming requests categorized into Likely Human, Definite Bots, Likely Bots, or Verified Bots.

    image

    In both charts, you can move your mouse pointer over a dimension name and click Filter or Exclude to filter out or exclude data from your analytics report.

    Sampling logs

    Sampling logs are generated through adaptive sampling of your incoming HTTP(S) traffic. You can use filters to narrow down the query results. Click image for more information.

    image

    The example shows an expended log entry for Definite Bots.

    image