Navigate Web Security Analytics

Set the dimensions, filters, and dates to get the data you need. View the activity logged by your security products and review the alarm notifications.

Set report scope

  1. Go to > WEB & DATA CENTER SECURITY > Security Center.
    If you're already in Security Center, in the left menu, click Analysis > Web Security Analytics.
  2. In the Security Center menu bar, modify the general settings for the view.
    • Switch to view another security configuration. Click the name of the current security configuration, and select a different configuration from the menu.
    • Set a time period within the last 30 days. Click the date field and select the duration or dates you want to see.


The time zone is automatically applied from your ​Control Center​ profile.

  1. To allow switching between views, go to the top-left drop-down menu.
    After selecting your desired view (where the default is Statistics), you can select the relevant dimension from the drop-down menu within the widget, or add a new widget.
  2. Set the parameters to get specific data.
    • To display data for a dimension, click the Add widget icon and start typing or hover over an item on the list. Select whether you want to display your widget as a Timeline, Barline or a Table, and a widget with the selected dimension appears on the dashboard. You can also repurpose any existing widget by switching its current dimension to another one from the drop-down list, and change its display option.
    • To apply filters, click the Filters icon Filters at the top left of the page.
      • Click Add filter condition to select dimensions and specify conditions.
      • Click Save.
      • To clear filters, click Clear All.
  3. Click the top-left Statistics drop-down menu to see the list of available views.
  4. In Predefined, you can find links to Statistics where you build your dashboard, Samples, and Alerts.
  5. Click Alerts to see the list of your alerts and create new ones.
  6. Click Fullscreen to switch to a full-screen view.
  7. Click the More actions More actions menu to:
    • Select the time interval for average requests.
    • Turn Evaluation mode on and off.
    • Turn Human/Bot analysis on and off. When on, reports include human traffic that bypassed bot detections on transactional-endpoints only. To see this traffic, filter on bot score = 0.
    • Copy the View link to share with other users.
    • Switch to legacy UI.

Turn on live mode


Live mode is available in the Statistics and Multi-dimension views.

  1. Open Web Security Analytics.

  2. Set dimensions and filters to display the data you need.

  3. In the upper right corner of the screen, click the Live mode icon and select a time range: 15 minutes window, 30 minutes window, 1 hour window, 2 hours window.

The data refreshes every 5 minutes.

Live mode is set to deactivate after 2 hours if you're using Web Security Analytics.
If you're inactive or the tab is not in focus, it deactivates after 30 minutes.
To turn off the mode earlier, click the Live mode button again, select a new time range or switch to the Samples view.

Query response time

Response time is a critical aspect of the Web Security Analytics performance. The average response time largely depends on various factors, including:

  • network conditions,
  • volume of processed data,
  • complexity of your queries.

Typically, you can expect responses for standard queries and data retrieval within 7 seconds.

However, during peak usage or when dealing with intricate data analyses, response times might vary.