About the Requests page

The Requests page features a summary table, which lists individual requests that have been tagged with signals and that fit into either the all or sampled data storage category. The summary table includes general request data (e.g., path, response code, response size) and identifies the specific attacks and anomalies that a request was tagged with.

Before you begin

Be sure you know how to access the web interface controls.

About the Requests page

Selecting Requests from the site navigation bar displays the Requests page.

From the Requests page, you can:

• use menus to filter the table by when the requests were made and by the signals and HTTP response codes that the requests are tagged with.

• enter queries into a search bar to filter the table. Clicking the Show search examples link reveals example search queries with valid syntax.

• click on signals and linked data in the table to filter the table's contents. For example, clicking on a source IP will constrain the results to all requests made by that IP.

• view full details for an individual request by clicking the View request detail link. The request details page lists all of the metadata captured about the request, including request and response headers, and all the signals we’ve identified. This page can help you further debug a particular attack or anomaly.

  NOTE

  You may need additional context to fully investigate an attack or anomaly. To do this, we recommend using a header link to add a link to your internal systems on the request details page via a linking identifier (e.g., an X-Request-Id response header).

• download full details for the first 1,000 requests by clicking the Download as menu and selecting JSON or CSV. To download additional requests, use the Next button to navigate to a subsequent results page and click Download as again.