Event Views

The Events view provides a tabular view of events with ability to select granular filter options (left pane in the image below), search queries and Time ranges.

The events are created when a protected asset is configured with a Trigger object of the type "Log" - which is also the default configuration. Log triggers setup and additional configuration options are explained in further details here:

Setup Log Triggers

Event Cards

When you double click on an event, a card shows details about the specific event.

Examples:

Event Severity Classification

Protected Web Asset Name and Policy

HTTP Transaction Information

Threat Prevention details

Time filters

You can filter events based on time ranges by clicking the time filter selector at the top left corner.

Event Query Language

CloudGuard WAF features an extensive event query language. For more details see here:

Event Query Language
PreviousDDoS DashboardNextNotifications

Last updated

Was this helpful?