# WAF Analytics The **WAF Analytics** endpoints provide visibility into security-related events detected by the Web Application Firewall across your CDN resources. Using these endpoints, you can analyze attack activity, rule matches, client IP behavior, requested URIs, and overall threat trends within a selected time range. All endpoints return aggregated or detailed analytics data based on the filters you provide. ## Common Request Parameters The following parameters are shared across all WAF Analytics endpoints.

Parameter	Description	Type
`organization_uuid`	Unique identifier of the organization in the Medianova Control Panel.	String (UUID)
`from`	Start timestamp of the analytics query range.	String (YYYY-MM-DD HH:mm:ss)
`to`	End timestamp of the analytics query range.	String (YYYY-MM-DD HH:mm:ss)
`resources`	List of CDN resource UUIDs to include in the query. Provide the resources you want to analyze.	Array<String (UUID)>
`waf_mode`	Filters analytics data by WAF operating mode. Accepted values are `on` and `detectiononly`.	String
`limit`	Maximum number of records to return.	Integer
`interval`	Time aggregation interval used for histogram-based analytics.	String

**Interval behavior** The `interval` value is automatically calculated based on the selected date range: * **Today** → `5m` (5 minutes) * **1–7 days** → `1h` (1 hour) * **8–30 days** → `2h` (2 hours) * **More than 30 days** → `8h` (8 hours) {% openapi src="" path="/api/v1/waf\_report/activity\_logs" method="post" %} [waf-activity-logs.json](https://542970813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtK7oIwmhUHdEJcaH4Hx8%2Fuploads%2Fgit-blob-384f929f7ecc147610429822550d6e152f43d3b2%2Fwaf-activity-logs.json?alt=media) {% endopenapi %} {% openapi src="" path="/api/v1/waf\_report/client\_ips" method="post" %} [waf-client-ips.json](https://542970813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtK7oIwmhUHdEJcaH4Hx8%2Fuploads%2Fgit-blob-f1d648cc43d5c2c7911cb0be3f67a4f10b7bfe52%2Fwaf-client-ips.json?alt=media) {% endopenapi %} {% openapi src="" path="/api/v1/waf\_report/request\_uris" method="post" %} [waf-request-uris.json](https://542970813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtK7oIwmhUHdEJcaH4Hx8%2Fuploads%2Fgit-blob-f7dfea82600f0d1c4623cf7af01bf299f046f63b%2Fwaf-request-uris.json?alt=media) {% endopenapi %} {% openapi src="" path="/api/v1/waf\_report/attack\_histogram" method="post" %} [waf-attack-histogram.json](https://542970813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtK7oIwmhUHdEJcaH4Hx8%2Fuploads%2Fgit-blob-cf2bbafbdf0907376ee1578ae1f6f1305645c8a9%2Fwaf-attack-histogram.json?alt=media) {% endopenapi %} {% openapi src="" path="/api/v1/waf\_report/rule\_details" method="post" %} [waf-rule-details.json](https://542970813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtK7oIwmhUHdEJcaH4Hx8%2Fuploads%2Fgit-blob-0f8dbde62f5b060be33d9aff9de4f698882f4c1c%2Fwaf-rule-details.json?alt=media) {% endopenapi %} {% openapi src="" path="/api/v1/waf\_report/total\_threats" method="post" %} [waf-total-threats.json](https://542970813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtK7oIwmhUHdEJcaH4Hx8%2Fuploads%2Fgit-blob-604385047dcb2d8b1ce44b6ce2d2e7e53b655ff4%2Fwaf-total-threats.json?alt=media) {% endopenapi %} {% openapi src="" path="/api/v1/waf\_report/user\_agents" method="post" %} [waf-user-agents.json](https://542970813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FtK7oIwmhUHdEJcaH4Hx8%2Fuploads%2Fgit-blob-a39bbde5a4b15d02b9658f81ce7f235435cdd4fd%2Fwaf-user-agents.json?alt=media) {% endopenapi %}