WAF Analytics

Analyze security events and traffic patterns for Web Application Firewall (WAF) protected CDN resources, including attack statistics, rule matches, and client behavior.

The WAF Analytics endpoints provide visibility into security-related events detected by the Web Application Firewall across your CDN resources.

Using these endpoints, you can analyze attack activity, rule matches, client IP behavior, requested URIs, and overall threat trends within a selected time range.

All endpoints return aggregated or detailed analytics data based on the filters you provide.

Common Request Parameters

The following parameters are shared across all WAF Analytics endpoints.

Parameter

Description

Type

organization_uuid

Unique identifier of the organization in the Medianova Cloud Panel.

String (UUID)

from

Start timestamp of the analytics query range.

String (YYYY-MM-DD HH:mm:ss)

to

End timestamp of the analytics query range.

String (YYYY-MM-DD HH:mm:ss)

resources

List of CDN resource UUIDs to include in the query. Provide the resources you want to analyze.

Array<String (UUID)>

waf_mode

Filters analytics data by WAF operating mode. Accepted values are on and detectiononly.

String

limit

Maximum number of records to return.

Integer

interval

Time aggregation interval used for histogram-based analytics.

String

Interval behavior

The interval value is automatically calculated based on the selected date range:

Today → 5m (5 minutes)
1–7 days → 1h (1 hour)
8–30 days → 2h (2 hours)
More than 30 days → 8h (8 hours)

Retrieve WAF Activity Logs

post

Returns detailed WAF event logs, including matched rules, actions taken, and request metadata for the selected time range and resources.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Body

organization_uuidstringRequired

Unique identifier of the organization in the Medianova Cloud Panel.

fromstringRequired

Start timestamp of the query range (YYYY-MM-DD HH:mm:ss).

Example: 2025-04-07 00:00:00

tostringRequired

End timestamp of the query range (YYYY-MM-DD HH:mm:ss).

Example: 2025-04-07 17:59:00

resourcesstring[]Required

List of resource UUIDs to include in the query.

limitintegerRequired

Maximum number of records to return.

Responses

200

WAF activity logs retrieved successfully.

application/json

Responseobject

post

/api/v1/waf_report/activity_logs

POST /api/v1/waf_report/activity_logs HTTP/1.1
Host: cloud.medianova.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 115

{
  "organization_uuid": "text",
  "from": "2025-04-07 00:00:00",
  "to": "2025-04-07 17:59:00",
  "resources": [
    "text"
  ],
  "limit": 1
}

200

WAF activity logs retrieved successfully.

{}

Retrieve WAF Client IP Statistics

post

Returns aggregated statistics of client IP addresses that triggered WAF events within the specified time range.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Body

organization_uuidstringRequired

Unique identifier of the organization in the Medianova Cloud Panel.

fromstringRequired

Start timestamp of the query range (YYYY-MM-DD HH:mm:ss).

Example: 2025-04-07 00:00:00

tostringRequired

End timestamp of the query range (YYYY-MM-DD HH:mm:ss).

Example: 2026-04-16 17:59:00

resourcesstring[]Required

List of resource UUIDs to include in the query.

limitintegerRequired

Maximum number of client IP records to return.

Responses

200

WAF client IP statistics retrieved successfully.

application/json

Responseobject

post

/api/v1/waf_report/client_ips

POST /api/v1/waf_report/client_ips HTTP/1.1
Host: cloud.medianova.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 115

{
  "organization_uuid": "text",
  "from": "2025-04-07 00:00:00",
  "to": "2026-04-16 17:59:00",
  "resources": [
    "text"
  ],
  "limit": 1
}

200

WAF client IP statistics retrieved successfully.

{}

Retrieve WAF Requested URI Statistics

post

Returns aggregated statistics of request URIs associated with WAF events within the specified time range.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Body

organization_uuidstringRequired

Unique identifier of the organization in the Medianova Cloud Panel.

fromstringRequired

Start timestamp of the query range (YYYY-MM-DD HH:mm:ss).

Example: 2026-04-16 00:00:00

tostringRequired

End timestamp of the query range (YYYY-MM-DD HH:mm:ss).

Example: 2026-04-16 17:59:00

resourcesstring[]Required

List of CDN resource UUIDs to include in the query.

limitintegerRequired

Maximum number of URI records to return.

Responses

200

WAF requested URI statistics retrieved successfully.

application/json

Responseobject

post

/api/v1/waf_report/request_uris

POST /api/v1/waf_report/request_uris HTTP/1.1
Host: cloud.medianova.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 115

{
  "organization_uuid": "text",
  "from": "2026-04-16 00:00:00",
  "to": "2026-04-16 17:59:00",
  "resources": [
    "text"
  ],
  "limit": 1
}

200

WAF requested URI statistics retrieved successfully.

{}

Retrieve WAF Attack Histogram Data

post

Returns aggregated WAF event counts grouped by time interval for the specified organization, time range, and resources.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Body

organization_uuidstring · uuidRequired

Unique identifier of the organization in the Medianova Cloud Panel.

fromstringRequired

Start timestamp of the query range (YYYY-MM-DD HH:mm:ss).

Example: 2026-04-16 00:25:00

tostringRequired

End timestamp of the query range (YYYY-MM-DD HH:mm:ss).

Example: 2026-04-16 16:25:00

resourcesstring[]Required

List of CDN resource UUIDs to include in the query.

intervalstringOptional

Time bucket size for aggregation (for example: 5m, 1h, 2h, 8h, 1d).

waf_modestring · enumOptional

WAF mode to filter events (for example: on or detectiononly).

Possible values:

Responses

200

WAF attack histogram data retrieved successfully.

application/json

post

/api/v1/waf_report/attack_histogram

POST /api/v1/waf_report/attack_histogram HTTP/1.1
Host: cloud.medianova.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 171

{
  "organization_uuid": "123e4567-e89b-12d3-a456-426614174000",
  "from": "2026-04-16 00:25:00",
  "to": "2026-04-16 16:25:00",
  "resources": [
    "text"
  ],
  "interval": "text",
  "waf_mode": "on"
}

200

WAF attack histogram data retrieved successfully.

{
  "status": true,
  "data": {
    "ANY_ADDITIONAL_PROPERTY": [
      {
        "time": 1,
        "doc_count": 1
      }
    ]
  }
}

Retrieve WAF Rule Match Details

post

Returns detailed analytics about triggered WAF rules for the selected organization, resources, and time range.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Body

organization_uuidstring · uuidRequired

Unique identifier of the organization in the Medianova Cloud Panel.

fromstringRequired

Start timestamp of the query range (YYYY-MM-DD HH:mm:ss).

Example: 2025-04-07 00:00:00

tostringRequired

End timestamp of the query range (YYYY-MM-DD HH:mm:ss).

Example: 2025-04-07 17:59:00

resourcesstring[]Required

List of CDN resource UUIDs to include in the query.

limitintegerRequired

Maximum number of rule detail records to return.

Responses

200

WAF rule match details retrieved successfully.

application/json

post

/api/v1/waf_report/rule_details

POST /api/v1/waf_report/rule_details HTTP/1.1
Host: cloud.medianova.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 147

{
  "organization_uuid": "123e4567-e89b-12d3-a456-426614174000",
  "from": "2025-04-07 00:00:00",
  "to": "2025-04-07 17:59:00",
  "resources": [
    "text"
  ],
  "limit": 1
}

200

WAF rule match details retrieved successfully.

{
  "status": true,
  "data": [
    {
      "rule_id": "text",
      "rule_name": "text",
      "action": "allow",
      "match_count": 1
    }
  ]
}

Retrieve Total WAF Threat Counts

post

Returns aggregated threat totals for the selected organization, resources, and time range.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Body

organization_uuidstring · uuidRequired

Unique identifier of the organization in the Medianova Cloud Panel.

fromstringRequired

Start timestamp of the query range (YYYY-MM-DD HH:mm:ss).

Example: 2025-04-07 00:00:00

tostringRequired

End timestamp of the query range (YYYY-MM-DD HH:mm:ss).

Example: 2025-04-07 17:59:00

resourcesstring[]Required

List of CDN resource UUIDs to include in the query.

limitintegerRequired

Maximum number of records to return.

Responses

200

Total threat counts retrieved successfully.

application/json

post

/api/v1/waf_report/total_threats

POST /api/v1/waf_report/total_threats HTTP/1.1
Host: cloud.medianova.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 147

{
  "organization_uuid": "123e4567-e89b-12d3-a456-426614174000",
  "from": "2025-04-07 00:00:00",
  "to": "2025-04-07 17:59:00",
  "resources": [
    "text"
  ],
  "limit": 1
}

200

Total threat counts retrieved successfully.

{
  "status": true,
  "data": {
    "ANY_ADDITIONAL_PROPERTY": "anything"
  }
}

Retrieve WAF User Agent Statistics

post

Returns user agent statistics for WAF events for the selected organization, resources, and time range.

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Body

organization_uuidstring · uuidRequired

Unique identifier of the organization in the Medianova Cloud Panel.

fromstringRequired

Start timestamp of the query range (YYYY-MM-DD HH:mm:ss).

Example: 2025-04-07 00:00:00

tostringRequired

End timestamp of the query range (YYYY-MM-DD HH:mm:ss).

Example: 2025-04-07 17:59:00

resourcesstring[]Required

List of CDN resource UUIDs to include in the query.

limitintegerRequired

Maximum number of records to return.

Responses

200

WAF user agent statistics retrieved successfully.

application/json

post

/api/v1/waf_report/user_agents

POST /api/v1/waf_report/user_agents HTTP/1.1
Host: cloud.medianova.com
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 147

{
  "organization_uuid": "123e4567-e89b-12d3-a456-426614174000",
  "from": "2025-04-07 00:00:00",
  "to": "2025-04-07 17:59:00",
  "resources": [
    "text"
  ],
  "limit": 1
}

200

WAF user agent statistics retrieved successfully.

{
  "status": true,
  "data": {
    "ANY_ADDITIONAL_PROPERTY": "anything"
  }
}

PreviousAnalytics NextStook Analytics

Last updated 13 days ago

Was this helpful?

hashtagCommon Request Parameters

hashtagRetrieve WAF Activity Logs

hashtagRetrieve WAF Client IP Statistics

hashtagRetrieve WAF Requested URI Statistics

hashtagRetrieve WAF Attack Histogram Data

hashtagRetrieve WAF Rule Match Details

hashtagRetrieve Total WAF Threat Counts

hashtagRetrieve WAF User Agent Statistics

Common Request Parameters

Retrieve WAF Activity Logs

Retrieve WAF Client IP Statistics

Retrieve WAF Requested URI Statistics

Retrieve WAF Attack Histogram Data

Retrieve WAF Rule Match Details

Retrieve Total WAF Threat Counts

Retrieve WAF User Agent Statistics