Overview
The Overview tab provides a summary of data collected for the domain through the use of the anomaly detection policy. It reports information about the entire domain, including the domain overview, Top 10 URLs by Hit, HMM Learning Progress, Violations Triggered by Anomalies, and Events Dashboard.
Domain overview
The top of the Overview page provides a high-level summary of the data that the machine-learning model has learned about the domain.
Parameters | Description |
---|---|
Access Frequency |
Indicates how frequent this application is being accessed. |
Start Time |
The date and time when the machine-learning module started to learn about the domain. |
URL Number |
The total number of URLs that the machine-learning module has learned. |
Action (Alert/Block) |
The total number of the alerts, including both Alert action and Alert & Deny action, that has been issued since the start time up to the present moment, as well as the percentage of each in the total number of requests. |
Service(HTTP/HTTPS) |
The total amount of the HTTP and the HTTPS traffic from the start time up to now. |
Page Charset |
The charset of URLs in the domain, such as UTF-8. |
Top 10 URLs by Hit
The Top 10 URLs by Hit chart displays the top 10 URLs for page hits counts.
HMM Learning Progress
This chart displays the statistics of HMM learning states of all parameters in the domain.
Parameters | Description |
---|---|
Collecting |
Indicates that the learning progress of parameters is in the sample collecting stage. |
Building |
Indicates that, after successfully collected the samples, the anomaly detection module has begun to build all the needed mathematical models for the parameters. This is the mathematical models-building stage. |
Running |
Indicates that the mathematical models of the parameters are stable, and the anomaly detection model is running. Requests triggering an anomaly will move into the second anomaly detection layer to check whether they are actual threats. |
Discarded |
Indicates that FortiWeb has determined that it cannot build a mathematical model for these parameters, and therefore will not use anomaly detection to protect them. |
Violations Triggered by Anomalies
This chart displays the total number of the anomalies found by the anomaly detection policy.
Machine Learning Events
This chart displays the anomaly detection events, such as sample collection, model running, building and testing, along with the time periods when these events take place.