# WAF Analytics The **WAF Analytics** endpoints provide visibility into security-related events detected by the Web Application Firewall across your CDN resources. Using these endpoints, you can analyze attack activity, rule matches, client IP behavior, requested URIs, and overall threat trends within a selected time range. All endpoints return aggregated or detailed analytics data based on the filters you provide. ## Common Request Parameters The following parameters are shared across all WAF Analytics endpoints.
ParameterDescriptionType
organization_uuidUnique identifier of the organization in the Medianova Control Panel.String (UUID)
fromStart timestamp of the analytics query range.String (YYYY-MM-DD HH:mm:ss)
toEnd timestamp of the analytics query range.String (YYYY-MM-DD HH:mm:ss)
resourcesList of CDN resource UUIDs to include in the query. Provide the resources you want to analyze.Array<String (UUID)>
waf_modeFilters analytics data by WAF operating mode. Accepted values are on and detectiononly.String
limitMaximum number of records to return.Integer
intervalTime aggregation interval used for histogram-based analytics.String
**Interval behavior** The `interval` value is automatically calculated based on the selected date range: * **Today** → `5m` (5 minutes) * **1–7 days** → `1h` (1 hour) * **8–30 days** → `2h` (2 hours) * **More than 30 days** → `8h` (8 hours) {% openapi src="" path="/api/v1/waf\_report/activity\_logs" method="post" %} [waf-activity-logs.json](https://542970813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtK7oIwmhUHdEJcaH4Hx8%2Fuploads%2Fgit-blob-384f929f7ecc147610429822550d6e152f43d3b2%2Fwaf-activity-logs.json?alt=media) {% endopenapi %} {% openapi src="" path="/api/v1/waf\_report/client\_ips" method="post" %} [waf-client-ips.json](https://542970813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtK7oIwmhUHdEJcaH4Hx8%2Fuploads%2Fgit-blob-f1d648cc43d5c2c7911cb0be3f67a4f10b7bfe52%2Fwaf-client-ips.json?alt=media) {% endopenapi %} {% openapi src="" path="/api/v1/waf\_report/request\_uris" method="post" %} [waf-request-uris.json](https://542970813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtK7oIwmhUHdEJcaH4Hx8%2Fuploads%2Fgit-blob-f7dfea82600f0d1c4623cf7af01bf299f046f63b%2Fwaf-request-uris.json?alt=media) {% endopenapi %} {% openapi src="" path="/api/v1/waf\_report/attack\_histogram" method="post" %} [waf-attack-histogram.json](https://542970813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtK7oIwmhUHdEJcaH4Hx8%2Fuploads%2Fgit-blob-cf2bbafbdf0907376ee1578ae1f6f1305645c8a9%2Fwaf-attack-histogram.json?alt=media) {% endopenapi %} {% openapi src="" path="/api/v1/waf\_report/rule\_details" method="post" %} [waf-rule-details.json](https://542970813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtK7oIwmhUHdEJcaH4Hx8%2Fuploads%2Fgit-blob-0f8dbde62f5b060be33d9aff9de4f698882f4c1c%2Fwaf-rule-details.json?alt=media) {% endopenapi %} {% openapi src="" path="/api/v1/waf\_report/total\_threats" method="post" %} [waf-total-threats.json](https://542970813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtK7oIwmhUHdEJcaH4Hx8%2Fuploads%2Fgit-blob-604385047dcb2d8b1ce44b6ce2d2e7e53b655ff4%2Fwaf-total-threats.json?alt=media) {% endopenapi %} {% openapi src="" path="/api/v1/waf\_report/user\_agents" method="post" %} [waf-user-agents.json](https://542970813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtK7oIwmhUHdEJcaH4Hx8%2Fuploads%2Fgit-blob-a39bbde5a4b15d02b9658f81ce7f235435cdd4fd%2Fwaf-user-agents.json?alt=media) {% endopenapi %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://clients.medianova.com/api-documentation/analytics/waf-analytics.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.