- How to view the HTTP Stats/ Web Traffic statistics in Silverline Portal
- Explanations of graphs on HTTP Stats/ Web Traffic statistics page
- How to filter graphs on HTTP Stats/ Web Traffic statistics page
Silverline is able to give insight into traffic patterns as they relate specifically to HTTP and HTTPS when using a proxy. Those areas include summary information for basic HTTP methods, response codes and response sides.
This information can be filtered by proxy and timeframe to allow for a more detailed analysis.
- Silverline WAF
Navigate to Monitor & Analyze > HTTP Stats
This section has three graphs. Click the following for more details on each section:
The chart represent time series and summary (totaled) information for HTTP operational activity. The operations that Silverline counts include both requests and responses (signified by Response in parenthesis in the legend).
HTTP operations which are counted are as follows:
|Get||Client||Retrieves data from the server from a specified resoirce|
|Post||Client||This method asks the server to accept an enclosed data item to a specified resource in an existing URI.|
|Options||Client||This is where the client is requesting from the server a list of methods that the server supports.|
|Put||Client||Similar to a Post, but asks the server to place the enclosed data item at a specific URI, even if that URI does not exist (in which case the server may create it).|
|Delete||Client||Client asks the server to delete a specified resource.|
|Trace||Client||Client is asking the ultimate server to return the request so that any modification by intermediate servers may be identified.|
|Connect||Client||Client is requesting a conversion to a TCP/IP tunnel to facilitate SSL encrypted communication.|
|Redirect||Server||The server responded to the client with a URL redirection to a new resource.|
|Success||Server||Server returned requested data to client in a normal manner.|
|Error||Server||The server responded with either a 400 or 500 error code. Please see the error codes tab for more information.|
- Total Client HTTP Activity by version reveals which HTTP versions are being utilized by client and server.
- HTTP versions to be expected include 1.0 and 1.1 although 1.1 would normally make up the vast majority of traffic for a typical internet facing website.
- Large numbers of HTTP 1.0 requests may indicate that nefarious sources (bots) are attempting to compromise the server in which case Silverline Threat Intelligence can filter these attempts before being thwarted by the WAF policy engine.
- User can filter specified method by clicking on the HTTP method below graph.
- Tab shows time series and summary information for the HTTP and HTTPS responses which are sent from the server to the client.
- The responses are bucketed in sizes which are up to 1K, 4K, 16K, 32K, 64K, 128K, 512K, 2M and 2M+ bytes.
- Using this information customers are able to determine if the response sizes are suitable for the type of client that typically connects and application being served.
- User can filter specified method by clicking on the Response Size below graph.
The time series information simply shows the number of client or server response codes which have been identified over time. However, the summary pie chart goes into more detail on which specific response code have been counted for that time period. These include the following:
|1xx||Information||This response code will indicate that everything so far is okay and that there are no other issues so the client can continue the request. However, the client can also ignore the response if the request is already finished.|
|2xx||Success||This class of status code indicates that the client's request was successfully received, understood, and accepted.|
|3xx||Redirect||This class of status code indicates that further action needs to be taken by the user agent in order to fulfill the request. The action required MAY be carried out by the user agent without interaction with the user if and only if the method used in the second request is GET or HEAD. A client SHOULD detect infinite redirection loops, since such loops generate network traffic for each redirection.|
|4xx||Client Error||These errors occur when a client eroneously requests a resource to which the server cannot provide an appropriate response. These include errors such as Bad Requests (malformed), Unauthorized resource, Forbidden, Not found (the 404 error), Request timeout, URI too long, Payload too large, Upgrade required (wrong TLS version), Locked and other such conditions.|
These conditions occur when the server encounters an unexpected problem. These include Internal server errors, Service unavailable, HTTP version not supported, Not implemented (for the HTTP method) and other less common conditions. Check the web server log for more information.
User can filter specified Response code by clicking on the Response code below graph.