# Traffic Statistics & Analysis ## Traffic Statistics The **Traffic Statistics** page provides a comprehensive overview of all HTTP and HTTPS traffic processed by the Web Application Firewall (WAF) within a selected time range.\ This section helps users monitor traffic volume, security events, error rates, and client behavior. *** ### Overview Traffic Statistics enables you to: * Monitor total and blocked requests * Analyze 4xx and 5xx error rates * Identify traffic sources and client characteristics * Detect abnormal traffic patterns or potential attacks * Evaluate the effectiveness of WAF protection rules *** ### Filters & Scope #### Application Selector – **All Applications** Allows you to filter traffic statistics by: * A specific protected application, or * **All Applications** to view aggregated traffic across all applications protected by the WAF This is useful when managing multiple applications under a single WAF account. #### Time Range Selector – **1 day** Filters displayed data by time period, such as: * 1 day * 7 days * 1 month All metrics and charts are updated dynamically based on the selected time range. *** ### Traffic Analysis #### Key Metrics
MetricDescription
RequestsTotal number of HTTP/HTTPS requests processed by the WAF
ViewsNumber of page views counted from valid requests
VisitorsNumber of unique visitors, identified by cookies or IP addresses
Unique IPNumber of distinct client IP addresses
BlockedNumber of requests blocked by WAF rules
IP AddressNumber of IP addresses that generated blocked requests
These metrics provide a high-level overview of traffic volume and security activity. *** ### Error & Block Statistics #### 4xx Errors Number of requests that resulted in client-side errors, such as **403 Forbidden** or **404 Not Found**. #### Error Rate Percentage of 4xx errors relative to the total number of requests. #### 4xx Blocked Requests actively blocked by the WAF that resulted in 4xx responses, typically **403 Forbidden**. #### Blocked Rate Percentage of total requests that were blocked by the WAF. #### 5xx Errors Number of server-side errors, including: * 500 Internal Server Error * 502 Bad Gateway * 504 Gateway Timeout #### 5xx Error Rate Percentage of server-side errors relative to total requests.\ A high 5xx error rate usually indicates backend application or infrastructure issues rather than WAF-related blocking. *** ### Query Per Second (QPS) Displays the number of requests processed per second. **Use cases:** * Detect sudden traffic spikes * Identify potential DDoS or bot-generated traffic * Monitor overall request load trends *** ### Request Status (Requests) Shows the number of incoming requests over time. **Useful for:** * Detecting abnormal traffic surges * Analyzing user access patterns * Identifying automated or scripted behavior *** ### Blocking Status (Blocked) Shows the number of requests blocked by the WAF over time. **Useful for:** * Detecting attack attempts * Evaluating the effectiveness of security rules * Identifying periods of high protection activity *** ### Geo Location Displays the geographic origin of incoming requests, grouped by country or region. **Benefits:** * Analyze traffic distribution by location * Detect suspicious traffic from unexpected regions * Support geo-based security policies *** ### User Client – User Agent Statistics Displays client information such as: * Operating systems (Windows, Linux, macOS) * Browsers (Chrome, Firefox, Safari) * Tools or automated clients (curl, wget, custom bots) This information helps distinguish between legitimate users and automated or potentially malicious traffic. *** ### Response Status Breakdown of requests by HTTP response category: * **2xx** – Successful responses * **3xx** – Redirect responses * **4xx** – Client-side errors * **5xx** – Server-side errors This view provides a quick summary of application health and request outcomes. *** ### Summary The **Traffic Statistics** page serves as a central observability dashboard for WAF-protected applications.\ By analyzing traffic volume, errors, blocked requests, and client behavior, users can: * Monitor application health * Detect and respond to attacks early * Optimize WAF rule configurations * Improve overall security visibility --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.vngcloud.vn/vng-cloud-document/vwaf/traffic-statistics-and-analysis.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.