Reporting is a great way to stay up to date with your WAF traffic without checking upon the logs multiple times a day.
We have these type of reports:
|Front Door hourly report||Will send a report every round hour containing the last 1 hour of Front Door WAF log overview|
|App Gateway hourly report||Will send a report every round hour containing the last 1 hour of Application Gateway WAF log overview|
|Daily report (in development)||Will send a report every day at a designated hour with all the WAF data for the last 24 hours of the report creation. This report is much more detailed than the hourly report and contains a lot more data.|
|Monthly Report (in development)||Will send a report every first day of the month with all the WAF data for the last 30 days of the report creation. It contains the same data as a Daily report.|
We allow for 2 reports per organization. We currently have the hourly reports up and running and the rest are in development and will come when BETA closes. So this means that all the currently available reports will be within the limit.
Sends an hourly report with the following data:
- Total blocks
- 5 Image Charts, all of them are summarize count by (we use quickchart.io to display them) of the following type:
- Rules - Breakdown of count per Rules being broken (ex. PROTOCOL-ENFORNCEMENT-920320)
- Policies - Breakdown of what policies are in the WAF Log and how many requests per policy
- ClientIps - All the IPs that are in the Log with how many requests each
- Malicious Confidences - Malicious confidences present in the log
- ThreatActions_per_IP - What IPs have been trying actual threat actions
- Whitelist_suggestions - Quick view if any false-positives are found and what parameters are being flagged
- Number of false-positive request found, if any.
It is basically, the same 6 charts you see every time you pull logs from the portal but they are adapted for email clients and are sent as images.
We will be continiously improving the content of the report but if you have any immediate suggestions, let us know.