Requests Per Minute Per Application Event Source

Purpose

Triggers an alert both when the total number of requests per minute relating to a specific application exceeds the given upper limit, and when it later goes below the given lower limit.

ATTENTION
The limit must be exceeded for some time before vWAF triggers the alert (hysteresis characteristics). Therefore, there are no alerts for individual minutes where the number of denied requests is high just by coincidence.

Requests Per IP Per Path Per Timeframe Per Application Event Source and Denied Requests Per Minute Per Application Event Source are similar events.

For more information regarding adding and editing Event Sources, see Editing Event Sources.

Attributes

Attribute Meaning

upper limit

vWAF triggers an alert if for some time there's an average of more requests per minute on any cluster node than stated here.

lower limit

If an alert has been triggered for a cluster node, vWAF doesn't trigger any additional alerts for the same node until the average of requests per minute for this node goes below the limit stated here.

When the number of requests per minute has fallen below this limit for some time, there's a second alert.

msg prefix

Here you can enter some text, which is added to the beginning of the issued alerts when the upper limit is exceeded.

The default text here is "Requests per minute on the following nodes are over the configured limit:".

msg under prefix

Here you can enter some text, which is added to the beginning of the issued alerts when the lower limit is reached again.

The default text is "Requests per minute on the following nodes are under the configured limit:".