Incidents
Overview of various incidents and Alerts generated by Haltdos WAF
Overview
Haltdos solutions provide real-time alerts for various types of incidents from attacks to accounting/audit incidents through Events. Events can be generated by the platform and various Apps subscribed to in your Stack. You can view all events or filter them based on category, scope, and time.
Events Page
All events are listed on the Events Page. Filters are available to view events of a specific App/Zone/ Listener and Category. Each event is identified by a unique Event ID which can also be used for searching a specific event on the Events Page. All events are listed in decreasing chronological order.
Event Details
Depending upon the type of event, clicking on any Event shows details of the incident. For example, a WAF Attack Event will detail the request/response that got dropped along with details of the request and the reason for dropping the request.
Further to detailing the incident through Events, users can perform various actions. For example, virtual patching functionality is implemented through actions in Event Details. Virtual Patching is the ability to create custom WAF rules from the result of a security scan.
How to Use:
- Click on Apps
- Select WAF
- By Selecting different Category on Incident User can view different Incident like Drop, Record, Error or Health.
- From Resources, User can select desired resource of listed listener.
- From Date Range User can select customize date to view Incidents.
Auto-Refresh
Users can enable auto-refresh in order to refresh the real-time alerts for requests. The details will be displayed in events for the specific type of request.
Events are not verified via email or API. To recieve alerts, you have to create Alarms. All alarm triggers are notified to selected authorized users on the platform