analytics dos-l3 reportΒΆ

analytics dos-l3 report(1)    BIG-IP TMSH Manual    analytics dos-l3 report(1)



NAME
       report - Displays a DoS (Layers 3-4) prevention analytics report.

MODULE
       analytics dos-l3

SYNTAX
       Show, save or send an analytics dos-l3 report using the syntax shown in
       the following sections.

   DISPLAY
	show report view-by [ action | activity-type | application | attack-id | category | client-ip | country | country-code | dest-country | dest-country-code |
			      dos-profile | mitigation | server-ip | suspected-ip | trigger | vector | virtual | vlan | vlan-group ]
	 options:
	  drilldown {
	    {
		entity [ action | activity-type | application | attack-id | category | client-ip | country | country-code | dest-country | dest-country-code |
			 dos-profile | mitigation | server-ip | suspected-ip | trigger | vector | virtual | vlan | vlan-group ]
		values
		{
		  [value ...]
		}
	    } ...
	  }
	  field-fmt
	  include-total
	  include-others
	  limit [number of rows]
	  measures {
	    [measure name ...]
	  }
	  order-by {
	    {
	      measure [ measure name ]
	      sort-type [ asc | desc ]
	    } ...
	  }
	  range [date range]

   SAVE
	save report view-by [ action | activity-type | application | attack-id | category | client-ip | country | country-code | dest-country | dest-country-code |
			      dos-profile | mitigation | server-ip | suspected-ip | trigger | vector | virtual | vlan | vlan-group ]
	 options:
	   drilldown {
	    {
		entity [ action | activity-type | application | attack-id | category | client-ip | country | country-code | dest-country | dest-country-code |
			 dos-profile | mitigation | server-ip | suspected-ip | trigger | vector | virtual | vlan | vlan-group ]
		values
		{
		  [value ...]
		}
	    } ...
	  }
	  file [ file name ]
	  format [ csv-aggregated | csv-time-series | pdf ]
	  include-total
	  include-others
	  limit [number of rows]
	  measures {
	    [measure name ...]
	  }
	  order-by {
	    {
	      measure [ measure name ]
	      sort-type [ asc | desc ]
	    } ...
	  }
	  range [date range]

   SEND
	send-mail report view-by [ action | activity-type | application | attack-id | category | client-ip | country | country-code | dest-country | dest-country-code |
				   dos-profile | mitigation | server-ip | suspected-ip | trigger | vector | virtual | vlan | vlan-group ]
	 options:
	  drilldown {
	    {
		entity [ action | activity-type | application | attack-id | category | client-ip | country | country-code | dest-country | dest-country-code |
			 dos-profile | mitigation | server-ip | suspected-ip | trigger | vector | virtual | vlan | vlan-group ]
		values
		{
		  [value ...]
		}
	    } ...
	  }
	  email-addresses {
	     [email address ...]
	  }
	  format [ csv-aggregated | csv-time-series | pdf ]
	  include-total
	  include-others
	  limit [number of rows]
	  measures {
	    [measure name ...]
	  }
	  order-by {
	    {
	      measure [ measure name ]
	      sort-type [ asc | desc ]
	    } ...
	  }
	  range [date range]
	  smtp-config-override [ smtp configuration object name ]

DESCRIPTION
       Use this command to generate DoS (Layers 3-4) prevention analytics
       reports. You can generate a DoS prevention analytics report for the
       following entities:

       o    action - Action taken (allowed/dropped).

       o    activity-type - Activity type.

       o    application - Application services (iApps(tm)).

       o    attack-id - DoS attack ID.

       o    category - Attack category.

       o    client-ip - Source/client IP address.

       o    country - Country.

       o    country-code - Country code.

       o    dest-country - Destination country.

       o    dest-country-code - Destination country code.

       o    dos-profile - DoS profile.

       o    mitigation - Mitigation.

       o    server-ip - Server address IP.

       o    suspected-ip - Suspect address IP.

       o    trigger - Trigger.

       o    vector - Attack vector.

       o    virtual - Virtual server.

       o    vlan - VLAN.

       o    vlan-group - VLAN Group.

EXAMPLES
       show analytics dos-l3 report view-by virtual

       show analytics dos-l3 report view-by attack-type drilldown { { entity
       virtual values { /Common/v1 } } }

       send-mail analytics dos-l3 report view-by source-ip limit 20 format pdf
       email-addresses { some.one@someaddress.com }

       For more syntactical examples see manual for analytics report.

OPTIONS
       device
	    Specifies a BIG-IP device on which to generate a report.
	    (Enterprise Manager only)

       device-list
	    Specifies a custom list of BIG-IP devices on which to generate a
	    report. (Enterprise Manager only)

       drilldown
	    Specifies specific entities that are used as a filter.

       email-addresses
	    Specifies the list of email addresses to which the report file is
	    sent when using the send-mail command.

       file Specifies the exported file path to be saved when using the save
	    command. The file name should be simple (not a full path).

       format
	    Specifies the exported file format to be saved or sent. This
	    option must be specified when using the save or send-mail
	    commands.

       include-others
	    Specifies that the grand total for the measure is displayed for
	    all entities, except for those shown in the result. It can be used
	    along with include-total.

       include-total
	    Specifies that a total summary row should be added to the
	    analytics report. For average measures, the total value is also an
	    average.

       limit
	    Specifies the maximum number of rows/entities in the output result
	    set/file. The default value is 10, not including the total
	    row/entity. The maximum value is 1000.

       measures
	    Specifies a list of measures that can be used with the chosen
	    entity type. The options are:

	    allowed-requests
		 The total number of packets that were received by the virtual
		 server(/s)s

	    allowed-requests-per-second
		 The average number of packets that were received by the
		 virtual server(/s)s

	    attacks-count
		 The total number of attacks for the selected view-by entity.

	    dropped-requests
		 The total number of packets that were dropped by the virtual
		 server(/s)s

	    dropped-requests-per-second
		 The average number of packets that were dropped by the
		 virtual server(/s)s

	    total-requests
		 The total number of packets that were received or dropped by
		 the virtual server(/s)s

	    total-requests-per-second
		 The average number of packets that were received or dropped
		 by the virtual server(/s)s

       order-by
	    Specifies the measures and sort type (ascending or descending)
	    that will be used to sort the final report. The value for each
	    measure is a previously chosen measure. The default value for sort
	    type is desc (descending).

       range
	    Specifies the time/date range of the analytics information that
	    you want to display. The given results will reflect the time range
	    chosen here. The default value is the last hour (now--now-1h).

       smtp-config-override
	    Specifies the SMTP configuration to use when sending reports by
	    email. This overrides the default SMTP settings.

SEE ALSO
       show, save, send-mail, tmsh, analytics, analytics report

COPYRIGHT
       No part of this program may be reproduced or transmitted in any form or
       by any means, electronic or mechanical, including photocopying,
       recording, or information storage and retrieval systems, for any
       purpose other than the purchaser's personal use, without the express
       written permission of F5 Networks, Inc.

       F5 Networks and BIG-IP (c) Copyright 2008-2013, 2015, 2018. All rights
       reserved.



BIG-IP				  2018-07-16	    analytics dos-l3 report(1)