Monitoring with system-generated dashboards

System-generated dashboards are dashboards created by Fastly that provide an overview of the most commonly useful metrics related to request anomalies and attacks. System-generated dashboards help provide quick insights into the traffic coming to your website and how the Next-Gen WAF is responding. You cannot modify system-generated dashboards.

System-generated dashboards are available at both the site level (workspace level) and the corp level (account level).

Working with site (workspace) dashboards

Site (workspace) dashboards are system-generated dashboards that let you view metrics for a particular site.

Viewing site (workspace) dashboards

To access dashboards for a specific site (workspace), follow these steps:

  1. Click the name of your site (workspace) in the upper left corner of the control panel.
  2. From the dashboards menu, select the dashboard you want to switch to. You can narrow down the list by using the search field. The selected dashboard appears.

HINT: Click the button at the bottom of a card to access additional information related to the metric.

Viewing a dashboard in monitor view

Clicking the Monitor view icon at the top of the dashboard displays your dashboard in focus mode. Focus mode displays the Site Overview page as you’ve customized it and temporarily hides the rest of the control panel. While in focus mode, you can create a read-only URL so that you can view your dashboard on a TV.

To set up monitor view on a TV:

  1. On the Site Overview page, select the relevant dashboard from the Dashboard menu.
  2. Click the Monitor view icon. The Site Overview page appears in focus mode in the default grid view.
  3. Click Share.
  4. Click the Read-only URL switch.
  5. Copy the link and open it on the TV you’d like to display the dashboard on.

You can change the focus mode view from the default grid view to carousel view by clicking Carousel. In the carousel view, the monitor will cycle through all cards on the Site Overview page. If necessary, you can generate a new URL, which invalidates the old URL. You can also disable the read-only URL altogether.

Setting a default dashboard

IMPORTANT: This feature only applies to Next-Gen WAF customers with access to the Next-Gen WAF control panel.

You can select a default site (workspace) dashboard that will automatically be selected when you log in to the Next-Gen WAF control panel.

  1. On the Site Overview page, select the relevant dashboard from the Dashboard menu.
  2. Click the Star icon in the upper-right corner of the Site Overview page. The displayed dashboard becomes your default dashboard.

Available site (workspace) dashboards

The following system-generated site (workspace) dashboards are available in your control panel.

HINT: Although system-generated dashboards can't be modified, you can duplicate a dashboard by clicking the Copy icon and then modify the duplicate.

Overview dashboard

The Overview dashboard provides a high-level, system-generated overview of metrics related to your site. It includes the following cards:

  • Request volume: a graph displaying the number of requests the site received over time.
  • OWASP Injection Attacks: a graph displaying the most common OWASP Top 10 attacks the site received over time.
  • What's new: a list of the latest Next-Gen WAF feature announcements.
  • Scanners: a graph displaying the number of commercial and open source scanning tools over time.
  • Traffic Source Anomalies: a graph displaying the number of requests from unusual or suspicious sources over time.
  • Events: a list of IPs that were flagged for exceeding thresholds. Click View all events to open the Events page.
  • Request Anomalies: a graph displaying the number of anomalous behaviors within request headers over time.
  • Response Anomalies: a graph displaying the number of client and server error codes over time.
  • Suspicious IPs: a list of IPs that are approaching thresholds. Once the threshold is met or exceeded, the IP address will be flagged and added to the Events list. If the agent mode is set to blocking, then all malicious requests from flagged IPs are blocked (without blocking legitimate traffic).
  • Authentication: a graph displaying the number of attempts to log in to application endpoints over time.
  • Top Attacks: a list of the top URLs containing attack signals.

API Protection dashboard

The API Protection dashboard provides system-generated data about API protection signals. It includes the following cards:

  • Enumeration: a graph displaying the number of attempts to access enumerated resources over time.
  • Request anomalies: a graph displaying the number of anomalous behaviors within request headers over time.
  • Injection attacks: a graph displaying the number of OWASP attacks associated with API abuse over time.
  • Serialization anomalies: a graph displaying the number of request errors over time. The errors may indicate autonomous clients.
  • Request violations: a graph displaying the number of requests violating common controls over time.
  • Traffic source anomalies: a graph displaying the number of requests from unusual or suspicious sources over time.

ATO Protection dashboard

The ATO Protection dashboard provides system-generated data about account takeover (ATO) signals. It includes the following cards:

  • Login: a graph displaying the number of attempts to log in to application endpoints over time.
  • Password reset: a graph displaying the number of attempts to reset passwords over time.
  • Account creation: a graph displaying the number of attempts to create accounts over time.
  • Account changes: a graph displaying the number of changes to sensitive account information over time.
  • Anomalies: a graph displaying the number of requests from unusual or suspicious sources over time.
  • Gift card validation: a graph displaying the number of attempts to validate gift card details over time.
  • Credit card validation: a graph displaying the number of attempts to validate credit card details over time.
  • Spam: a graph displaying the number of requests to application messaging features over time.

Bot Management dashboard

The Bot Management dashboard provides system-generated data about suspected bot signals. It includes the following cards:

  • Verified Bot Activity: a graph displaying verified bots represented on a per-category basis.
  • Bot Activity: a graph displaying the number of requests made by suspected bots, suspected bad bots, and verified bots over time.
  • Client Challenges: a graph representing requests that were issued a Browser Challenge or verified by the Verify Token rule action and labeled as either providing a valid or an invalid challenge token.
  • Authentication: a graph displaying the number of attempts to log in to application endpoints over time.
  • Traffic Source Anomalies: a graph displaying the number of requests from unusual or suspicious sources over time.
  • Headless Bot Activity: a graph displaying the traffic from bots detected as being headless browsers leveraging automation tooling such as Selenium, Puppeteer, and Playwright.
  • AI Bot Activity: a graph displaying traffic from bots detected as being an AI crawler or AI fetcher.
  • Compromised Credentials: a graph displaying requests from clients either registering or logging in with a known compromised password.

Working with corp (account) dashboards

IMPORTANT: This feature only applies to Next-Gen WAF customers with access to the Next-Gen WAF control panel.

The Corp Overview page displays cards that provide an at-a-glance view of metrics for all the sites in your corp. To navigate to the Corp Overview page, click the name of your corp in the upper left corner of the control panel. The Corp Overview page contains the following cards:

HINT: Although system-generated dashboards can't be modified, you can duplicate a dashboard by clicking the Copy icon and then modify the duplicate.

  • Request Volume: the number of requests your corp receives, the number of requests that have at least one attack signal, and the number of requests that were blocked.
  • Attack Requests: the number of malicious requests per site. The card displays a maximum of 10 sites.
  • Blocked Requests: the number of requests that were blocked. The card displays a maximum of 10 sites.

HINT: The Corp Overview page also contains the Site Summaries table, which lists the most frequent attack types and sources for a site, and the Top Signals table, which contains signal data for the corp.