Analyzing attacks

Check the attacks on the Attacks tab of the Wallarm interface.

Wallarm automatically groups together associated malicious requests into an entity – an attack.

Analyze an attack

Check the attack information in all columns as described in Checking attacks and incidents.

Analyze requests in an attack

  1. Select an attack.
  2. Click the number in the Requests column.

Clicking the number will unfold all requests in the selected attack.

Each request displays the associated information in the following columns:

  • Date – Date and time of the request.
  • VectorAttack vector. Clicking the value in the vector column displays reference information on the attack type.
  • Origin IP – The IP address from which the request originates. Clicking the IP address adds the IP address value into the search field.
  • Status – The server's response status code on the request.
  • Size – The server's response size.
  • Time – The server's response time.

Analyze a request in raw format

The raw format of a request is the maximum possible detalization level.

  1. Select an attack.
  2. Click the number in the Requests column.
  3. Click the right angle bracket >.

The Wallarm interface will display the request in the raw format.

results matching ""

    No results matching ""