Use the AppFirewall Syslog Events dashboard in Command Center to monitor the security violations encountered on the NetScaler devices by the Application Firewall module. By default, you can view the security violations encountered in the last one week.
- Violations by type: Specifies the number of violations for each type of threat, such as Deny URL, SQL Injection, and Cross-site Script.
- Number of violations: Specifies the total number of violations that are blocked, not blocked, and transformed.
- Top 5 clients by violations: Specifies the top five clients that have encountered security violations.
- Top 5 devices by violations: Specifies the top five devices that have encountered security violations.
- Top 5 profiles by violations: Specifies the top five profiles that have encountered security violations.
- Recent 5 violations: Specifies the recent five security violations.
Run built-in reports to monitor the top security violations encountered by the application firewall feature. These reports let you monitor violations encountered by clients, devices, and profiles, and also the different types of violations. You can run the reports at the current time or schedule them to run at a later time.
View the details of the AppFirewall log messages when a message is generated on a security violation. You can also search for specific log messages based on the entire message text or a substring of the message.