Applies to: Fastly CDN, WAF
Fastly is a Content Delivery Network (CDN). This makes content available through users/organizations websites and Internet-accessible (hosted) application programming interfaces (APIs).
Fastly Web Application Firewall (WAF) protects your applications from malicious attacks designed to compromise web servers. The Fastly WAF provides rules that detect and block potential attacks. The rules are collected into a policy and deployed within your Fastly service at the edge.
EventTracker, when integrated with Fastly CDN/WAF, collects log from Fastly CDN/WAF and creates a detailed reports, alerts, dashboards and saved searches. These attributes of EventTracker helps users to view the most critical and important information on a single platform.
Reports will contain detailed overview of activities like:
Fastly user login/ logout will include details such as user login/logout time, their device type or user-agent, if user is an admin or not, and their user id’s.
Alerts are provided as soon as any critical event is triggered by Fastly CDN/WAF. With alerts, users will be able to get real time events such as:
“Fastly CDN/WAF - Access events by user agent” dashlet displays the user-agents trying to access any specific domain/ URL.
“Fastly CDN/WAF - User login fail (Audit events by region)” dashlet displays the login failure occurring in Fastly account in a world map by country. Dashlets associated with WAF activity will display information such as, PHP Injections attacks, SQL injection attacks, application attack session fixation, application attack RCE (Remote code execution), etc.
EventTracker monitors all the Fastly CDN events from services like system manager, Fastly audit and access events. They are given as below.
Once Fastly CDN is configured to deliver events to EventTracker Manager; alerts, dashboards, and reports can be configured into EventTracker.
The configuration details are consistent with EventTracker version 9.x and later, and Fastly CDN.
To configure Fastly CDN to send logs to EventTracker, refer to the How-to Guide.