Responder policy logs
The Responder Policy Logs section displays an overview of Response Policies that have been configured and triggered.
Access to responder policy logs
To access the CWAAP responder policy logs, use the left-hand navigation menu and select Analytics, then WAF, Logs, and then Responder Policy Logs.
Responder policy logs filtering
The Responder Policy Logs filter option has a drop-down menu that allows you to select any configured Asset or VIP for your account. By default, the All Assets (Combined) is selected.
Export responder policy logs
The Responder Policy Logs displayed on the screen can be exported into either a .PDF file, or in a JSON file.
Date range configuration
The Responder Policy Log has various default time range configurations, and the option to create a custom time range to retrieve the Responder Policy Logs.
- Last 7 Days
- Last 30 Days
- This Month
- Last Month
- Custom Range
The Custom Range can be up to ninety (90) days in the past.
Responder policy log details
The Responder Policy Log Details table provides an overview of the policy by displaying the following details. Each field has a sort option that sorts the results either in ascending or descending order (either alphabetical or numerical depending on the column details).
|Responder Action||Displays the Action taken. Either Log or Block.|
|Source IP||Displays the IP Address where the traffic originated.|
|Destination IP||Displays the IP Address of the intended destination.|
|Port||Displays the port number.|
|Method||Buffer Overflow is one of the best-known forms of software (security) vulnerability. Buffer overflows can be used to corrupt the execution stack of a web application. “Sending carefully crafted input to a web application, an attacker can cause the web application to run arbitrary code – effectively taking over the machine.”|
|Method||Displays the Method type (GET, POST, and so forth)|
|Host||Displays the IP Address of the configured host.|
|Date/Time||Displays the time in which the incident occurred (in UTC).|