
Analysis page - Attack Trend Visualisation

Updated by Rama Sadhu

This page displays the analysis of Attack Logs. Users can easily filter and summarize the data by applying multiple filters.

Product Walkthrough - Attack Log Analysis on AppTrana

Attack Logs

This page displays the details of each attack: the malicious (attacker) IP address, the URL, the attacker's country, the attack category, the date and time of the attack, the severity of the attack, and more.

Click the Attack Logs tab on the Analysis page.

To get a broad picture of the attack logs, apply the filters to summarize the data.

Filter data by severity 

Severity is measured in three categories: Critical, High, and Medium. Only data for the selected severity is shown.

All- Critical, High, and Medium severity attack log details are displayed.

Critical- Only Critical severity attack details are displayed.

High- Only High severity attack details are displayed.

Medium- Only Medium severity attack details are displayed.

Filter data by Action 

The Action field has three options: All, Block, and Log.

All- Data for both blocked and logged attacks is displayed.

Block- Only blocked attack data is displayed.

Log- Only logged attack data is displayed.

Filter data by Category 

Enter the attack category in the Category field to show only the details for that category.

After applying all the filters, a table is generated with details such as IP, Website name, Category, and so on. 

| Parameter | Description |
| --- | --- |
| IP | The malicious IP address that attacked the website and triggered a specific rule. |
| Website name | Name of the site. |
| Category | The attack category for the specific IP address. |
| Alias | Subdomain routed through the main domain. |
| Rule Id | The unique number of the attack rule. |
| Severity | The severity of the blocked or logged attack: Critical, High, or Medium. |
| Action | Whether the attack was blocked or logged. |
| URL | The malicious URL used to access the website. |
| Location | The geographical location of the attacker. |
| Time | The exact date and time at which the attack was registered. |

  • Click the Download CSV button to get the attack log details in CSV format.

Show Summary for Attack Logs

  1. From Show Top, select the parameters such as IP, URL, Country, Alias, Action, and Category.
  2. Summarize based on number of attacks. 
  3. Go to List Top and select the number.

After applying all the filters, click Show Summary.

The summary contains a top list of data.

In the example below, there are 2 different aliases with 41377 attacks cumulatively. The table gives the details of each alias and its number of attacks, along with a separate chart.

Users can go to any of the aliases and check its trend graph separately.

Users can also click the trend icon in the Sum of All Attacks field to display the summarized data as a graph.

Trend for Sum of All Attacks(All Aliases): 

Trend for Selected Alias: 
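The same filters and Show Top / List Top summary can be reproduced offline on a file obtained with Download CSV. The script below is an added example, not AppTrana code: the CSV header names are assumed to match the table columns above, the sample rows are constructed, and the function names are hypothetical.

```python
import csv
import io
from collections import Counter

# Constructed sample export. Header names mirror the table columns on this page;
# the headers of a real downloaded CSV are an assumption and may differ.
SAMPLE_CSV = """\
IP,Website name,Category,Alias,Rule Id,Severity,Action,URL,Location,Time
203.0.113.7,example.com,SQL Injection,www.example.com,1001,Critical,Block,/login,US,2024-01-05 10:02:11
203.0.113.7,example.com,SQL Injection,www.example.com,1001,Critical,Block,/search,US,2024-01-05 10:02:15
198.51.100.23,example.com,Cross Site Scripting,www.example.com,2002,High,Block,/comment,DE,2024-01-05 11:40:02
192.0.2.44,example.com,Bot Attack,api.example.com,3003,Medium,Log,/v1/items,IN,2024-01-05 12:15:47
203.0.113.7,example.com,Cross Site Scripting,api.example.com,2002,High,Log,/v1/search,US,2024-01-05 12:16:03
192.0.2.44,example.com,Bot Attack,api.example.com,3003,Medium,Log,/v1/items,IN,2024-01-05 12:17:30
"""

def load_rows(text):
    """Parse the CSV text into one dict per attack log entry."""
    return list(csv.DictReader(io.StringIO(text)))

def filter_rows(rows, severity="All", action="All", category=""):
    """Severity / Action / Category filters; "All" or "" means no restriction.
    Matching is exact and case-insensitive (an assumption about the UI)."""
    def keep(row, field, wanted):
        return wanted.lower() in ("", "all") or row[field].strip().lower() == wanted.lower()
    return [r for r in rows
            if keep(r, "Severity", severity)
            and keep(r, "Action", action)
            and keep(r, "Category", category)]

def show_top(rows, field, list_top=5):
    """Return (top `list_top` values of `field` by attack count, total attacks)."""
    counts = Counter(r[field].strip() for r in rows)
    return counts.most_common(list_top), sum(counts.values())

if __name__ == "__main__":
    rows = load_rows(SAMPLE_CSV)
    for field in ("IP", "Alias", "Category"):
        top, total = show_top(filter_rows(rows, action="Block"), field, list_top=3)
        print(f"Top {field} among blocked attacks (total {total}):")
        for value, n in top:
            print(f"  {value:<24} {n}")
```

Comparing the Block and Log summaries for the same IP or category shows which attack traffic is only being logged rather than stopped.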
