The Security Metrics dashboard helps you understand how the Acquia Edge WAF protects your applications over time.
Use this dashboard to:
Review how many requests were blocked or alerted.
Understand which WAF layers perform the most work.
Review the effectiveness of custom WAF rules and rate-limiting rules in Rule Audit Table.
Discover suspicious patterns in Threat discovery and create new rules.
Access the dashboard
Log in to the Edge console.
Select Security > Security Metrics.
Filters
Domains: Use Filter by Domains to select All domains or specific domains. All metrics, charts, rules, and threat cards on the page update to reflect selections.
Date: Use Date to access data for the Last 24 hours, Last 3 days, and Last 7 days.
Top security metrics
The dashboard shows three key metrics:
Threats Mitigated: The number of blocked requests out of total traffic.
Estimated Bandwidth Saved: The approximate amount of bandwidth prevented from reaching your origin. Values are formatted using K/M/B for counts and MB/GB/TB for bandwidth.
WAF Response Overview: The WAF response overview shows how the WAF handled traffic across protection layers.
First-match basis
A banner on the chart states that Traffic sequence follows a first-match basis. Each request is evaluated in order through the WAF layers. A request is counted only once under the first layer that matched it.
Layers
The dashboard shows activity for:
Rate limiting
Custom WAF
IP Addresses
Acquia Managed Rules
OWASP rules
Blocked verses alerted
Use the Rule response toggle to switch between Blocked (fully blocked requests) and Alerted (requests in monitoring mode). The chart displays total volume and layer breakdowns to read which protections are most active.
Rule Audit table
The Rule Audit Table lists WAF rules for the selected domains.
Note
Leave new rules in alert mode for 14 days before you promote them to block. This provides time to monitor impact.
Table columns
The table includes Rule name, Rule response, Rule profile, Assigned domains, 24Hr hits, and Rule type. Filter the list to access Active or Deleted rules.
Rule analysis
To understand how a specific rule behaves, use Rule Analysis.
Requests over time: A chart showing matches during the selected time range.
Top request breakdown: Lists for attributes such as Domains, HTTP methods, Source IP addresses, Paths, and Countries.
Rule details: A read-only summary including attributes, criteria, and values.
Threat discovery
The Threat Discovery shows patterns that require additional protection.
Threat Discovery Feed: Displays cards for activity like scraper behavior, attack attempts, or Denial-of-Service (DDoS) patterns.
Actions: Use Create rule to open a pre-filled Custom WAF rule form or Rate limiting to tune thresholds.
Security Metrics Dashboard
The Security Metrics dashboard helps you understand how the Acquia Edge WAF protects your applications over time.
Use this dashboard to:
Review how many requests were blocked or alerted.
Understand which WAF layers perform the most work.
Review the effectiveness of custom WAF rules and rate-limiting rules in Rule Audit Table.
Discover suspicious patterns in Threat discovery and create new rules.
Access the dashboard
Log in to the Edge console.
Select Security > Security Metrics.
Filters
Domains: Use Filter by Domains to select All domains or specific domains. All metrics, charts, rules, and threat cards on the page update to reflect selections.
Date: Use Date to access data for the Last 24 hours, Last 3 days, and Last 7 days.
Top security metrics
The dashboard shows three key metrics:
Threats Mitigated: The number of blocked requests out of total traffic.
Estimated Bandwidth Saved: The approximate amount of bandwidth prevented from reaching your origin. Values are formatted using K/M/B for counts and MB/GB/TB for bandwidth.
WAF Response Overview: The WAF response overview shows how the WAF handled traffic across protection layers.
First-match basis
A banner on the chart states that Traffic sequence follows a first-match basis. Each request is evaluated in order through the WAF layers. A request is counted only once under the first layer that matched it.
Layers
The dashboard shows activity for:
Rate limiting
Custom WAF
IP Addresses
Acquia Managed Rules
OWASP rules
Blocked verses alerted
Use the Rule response toggle to switch between Blocked (fully blocked requests) and Alerted (requests in monitoring mode). The chart displays total volume and layer breakdowns to read which protections are most active.
Rule Audit table
The Rule Audit Table lists WAF rules for the selected domains.
Note
Leave new rules in alert mode for 14 days before you promote them to block. This provides time to monitor impact.
Table columns
The table includes Rule name, Rule response, Rule profile, Assigned domains, 24Hr hits, and Rule type. Filter the list to access Active or Deleted rules.
Rule analysis
To understand how a specific rule behaves, use Rule Analysis.
Requests over time: A chart showing matches during the selected time range.
Top request breakdown: Lists for attributes such as Domains, HTTP methods, Source IP addresses, Paths, and Countries.
Rule details: A read-only summary including attributes, criteria, and values.
Threat discovery
The Threat Discovery shows patterns that require additional protection.
Threat Discovery Feed: Displays cards for activity like scraper behavior, attack attempts, or Denial-of-Service (DDoS) patterns.
Actions: Use Create rule to open a pre-filled Custom WAF rule form or Rate limiting to tune thresholds.
Did not find what you were looking for?
If this content did not answer your questions, try searching or contacting our support team for further assistance.