Reference: Security Report Templates

BIG-IP Next Central Manager provides security report templates that include common monitored protection measures, traffic patterns, and malicious threat indicators for WAF attacks.

The following provides an overview of the information found in each template. These templates cannot be modified or deleted, but you can clone a template to create a custom report. See clone a security report for how to create and customize a cloned report.

Security report templates

The following details information included in each security report template. Once you generate a security reprot summary, top results are based on the top attacked applications (overall) followed by the top applications by category selections. The generated security report summary compares the last time period to the previous time period’s report.

Each template report includes the information from all protected applications.

Full report across all categories

Name: Full report across all categories Description: Full report about the top attack activity across all applications and categories. Reports by: All protected applications Report Time Period: Last 30 days Reports results: Top 5 Request Type: Alerted & Blocked Category: All categories selected

Top attacked applications

Name: Top attacked applications Description: Creates a report that displays results of the top attacked applications. Reports by: All protected applications Report Time Period: Last 30 days Reports results: Top 5 Request Type: Alerted & Blocked Category: None selected

Top attacked URL

Name: Top attacked URLs Description: The top attacked URLs across all protected applications. Reports by: All protected applications Report Time Period: Last 30 days Reports results: Top 5 Request Type: Alerted & Blocked Category: Domains, URLs

Top malicious bots

Name: Top malicious bots Description: The most commonly detected malicious bot signatures across all applications. Reports by: All protected applications Report Time Period: Last 30 days Reports results: Top 5 Request Type: Alerted & Blocked Category: Malicious Bot

Top malicious IP (IPI)

Name: Top malicious IP (IPI) Description: The most commonly detected malicious IP (IPI) addresses across all applications Reports by: All protected applications Report Time Period: Last 30 days Reports results: Top 5 Request Type: Alerted & Blocked Category: Malicious IP

Top protection types

Name: Top protection types Description: The most commonly blocked violations and signatures across all applications Reports by: All protected applications Report Time Period: Last 30 days Reports results: Top 5 Request Type: Alerted & Blocked Category: Violations, Attack Signatures

Top source IPs attackers

Name: Top source attackers Description: The top source IPs and countries that included requests with detected attacks across all applications. Reports by: All protected applications Report Time Period: Last 30 days Reports results: Top 5 Request Type: Alerted & Blocked Category: Geolocations, Source IP

Top threat campaigns

Name: Top threat campaigns Description: The most commonly detected threat campaigns across all applications. Reports by: All protected applications Report Time Period: Last 30 days Reports results: Top 5 Request Type: Alerted & Blocked Category: Threat Campaigns