Description
- How to view reports / metrics for Shape Defense.
- How to monitor Shape Defense
- Shape Defense Summary
Environment
- Silverline Shape Defense
- Silverline Portal
- Shape Defense Summary
- Dashboards
- Bot defense
- Bot protection
- Anti-bot
Procedure
There are 2 places to view reports on Shape Defense:
- Build a Custom Dashboard with Shape Defense data -- How to Create Custom Dashboards in Portal
- Shape Defense Summary
Shape Defense Summary: How to View, Filter, and Download
- In the Portal navigation, go to Monitor & Analyze > Shape Defense Summary.
- View the dashboard, which has 4 sections (click to view more details):
- Traffic Types graph
- Traffic Actions graph
- Requests - Top 10 table
- Events table
- Filter the entire page by selecting Filter in the upper-left
- Note: Default filters exclude JavaScript and SDK Config Fetch requests. Click X to remove, if desired.
- Fill in the following:
- Field - which field you want to filter on
- Operator - whether you want to include ("is) or exclude ("is not") the text written in the text box
- Text box - what specifically you want filtered in or out
- Click in the text box to see possible values in drop-down.
- Click Add
- Filters save on the page until you either clear individually or Clear all.
- Example:
- Example:
- Note: Default filters exclude JavaScript and SDK Config Fetch requests. Click X to remove, if desired.
- Alternatively, filter on individual graphs by clicking on the name in the legend of what you want to filter to and selecting the blue filter icon.
- Set the time range for the entire page's data by using the date selector in the upper-right
- Download Shape Defense Events in CSV format by clicking the blue Download button in the upper-right
- If you filter the results on the page before clicking the download button, the downloaded file will contain only the filtered results.
Descriptions of Shape Defense Summary Sections
Click to jump to section:
- Traffic Types graph
- Traffic Actions graph
- Requests - Top 10 table
- Events table
Traffic Types
Traffic type as determined by Shape Defense:
- Human - probably legitimate traffic from human source
- Malicious - suspected illegitimate traffic from automated bot
- Malicious (Failed Challenge) - requests for Web Scraping that were not able to solve the Interstitial Challenge
- Javascript - the javascript file that will be inserted in the requests by Shape
- Allowlist - this traffic was automatically allowed through because its on an Allowlist (How to Allowlist IP addresses for WAF Services)
- Unavailable - In the event that the Shape systems are unavailable to receive Requests for inspection, the Request will be passed directly to the Customer Back End
- Challenged - These events are part of the Web Scraping challenges.
Graph features
- View as Pie chart or Stacked area graph by clicking pie or line diagram in upper-right of the graph.
- Hover on stacked area chart to show (a) quantity of requests and (b) as a percentage of all traffic for that endpoint
- Filter on individual graphs by clicking on the name in the legend of what you want to filter to and selecting the blue filter icon.
Traffic Actions
Action (Allow, Flag, Block, Redirect, N/A, or Challenged) that was taken on any traffic labeled as automated by Shape Defense, configured on How to Configure Shape Defense (SSD)
N/A is always associated with JavaScript traffic type
Graph features
- View as Pie chart or Stacked area graph by clicking pie or line diagram in upper-right of the graph.
- Hover on stacked area chart to show (a) quantity of requests and (b) as a percentage of all traffic for that endpoint
- Filter on individual graphs by clicking on the name in the legend of what you want to filter to and selecting the blue filter icon.
Requests - Top 10
Top 10 requests to endpoints protected by Shape Defense, as ranked by the selected feature in the upper-right. Change the selection by clicking the drop-down menu By _______
Example 1: Top 10 Source IPs with the most requests
Example 2: Top 10 Countries where requests originated from
Events
- Each time that Shape Defense is triggered to categorize traffic, this is counted as an Event.
- Event table columns
-
Column Name Description Timestamp
Date and time of event Application Name Your application that has Shape Defense turned on Method Method for this end point, configured on How to Configure Shape Defense (SSD)
Host Your application's host Path Endpoint path where inbound traffic was headed before it was sent to Shape Defense Application Type Application type (Web or Mobile)of this endpoint, configured on How to Configure Shape Defense (SSD) Source IP Source IP of incoming traffic XFF X-Forwarded-For IP of the client Country Originating country of incoming traffic Referer Referring URL Traffic Type Traffic type as determined by Shape Defense:
- Human - probably legitimate traffic from human source
- Malicious - suspected illegitimate traffic from automated bot
- Javascript - the javascript file that will be inserted in the requests by Shape
- Allowlist - this traffic was automatically allowed through because its on an Allowlist (How to Allowlist IP addresses for WAF Services)
- Challenged - These events are part of the Web Scraping challenges.
Automation Type Q&A: What Does The Automation Type In The Shape Defense Summary Report Mean? Action Action (Allow, Flag, Block, Redirect, N/A, or Challenged) that was taken on any traffic labeled as automated by Shape Defense, configured on How to Configure Shape Defense (SSD)
N/A is always associated with JavaScript traffic type
User Agent Exact user-agent (browser) string
-
Related Content
- How to Configure Shape Defense (SSD)
- Q&A: What does the Automation Type in the Shape Defense Summary report mean?
- How to Configure a Proxy for HTTP / SSL HTTP / WAF Proxy Service Type
- How to Create Custom Dashboards in Portal
- How to Edit, Export, or Delete Custom Dashboards