Reference: Security Report Templates¶
BIG-IP Next Central Manager provides security report templates that include common monitored protection measures, traffic patterns, and malicious threat indicators for WAF attacks.
The following provides an overview of the information found in each template. These templates cannot be modified or deleted, but you can clone a template to create a custom report. See clone a security report for how to create and customize a cloned report.
Security report templates¶
The following details information included in each security report template. Once you generate a security reprot summary, top results are based on the top attacked applications (overall) followed by the top applications by category selections. The generated security report summary compares the last time period to the previous time period’s report.
Each template report includes the information from all protected applications.
Full report across all categories¶
Name: Full report across all categories Description: Full report about the top attack activity across all applications and categories. Reports by: All protected applications Report Time Period: Last 30 days Reports results: Top 5 Request Type: Alerted & Blocked Category: All categories selected
Top attacked applications¶
Name: Top attacked applications Description: Creates a report that displays results of the top attacked applications. Reports by: All protected applications Report Time Period: Last 30 days Reports results: Top 5 Request Type: Alerted & Blocked Category: None selected
Top attacked URL¶
Name: Top attacked URLs Description: The top attacked URLs across all protected applications. Reports by: All protected applications Report Time Period: Last 30 days Reports results: Top 5 Request Type: Alerted & Blocked Category: Domains, URLs
Top malicious bots¶
Name: Top malicious bots Description: The most commonly detected malicious bot signatures across all applications. Reports by: All protected applications Report Time Period: Last 30 days Reports results: Top 5 Request Type: Alerted & Blocked Category: Malicious Bot
Top malicious IP (IPI)¶
Name: Top malicious IP (IPI) Description: The most commonly detected malicious IP (IPI) addresses across all applications Reports by: All protected applications Report Time Period: Last 30 days Reports results: Top 5 Request Type: Alerted & Blocked Category: Malicious IP
Top protection types¶
Name: Top protection types Description: The most commonly blocked violations and signatures across all applications Reports by: All protected applications Report Time Period: Last 30 days Reports results: Top 5 Request Type: Alerted & Blocked Category: Violations, Attack Signatures
Top source IPs attackers¶
Name: Top source attackers Description: The top source IPs and countries that included requests with detected attacks across all applications. Reports by: All protected applications Report Time Period: Last 30 days Reports results: Top 5 Request Type: Alerted & Blocked Category: Geolocations, Source IP
Top threat campaigns¶
Name: Top threat campaigns Description: The most commonly detected threat campaigns across all applications. Reports by: All protected applications Report Time Period: Last 30 days Reports results: Top 5 Request Type: Alerted & Blocked Category: Threat Campaigns