Classifying requests with Firewall device

In the following dashboard the objective is to monitor the requests received in the firewall and perform a classification of these requests according to the port used. At this point, we could classify these requests based on whether they have been denied or allowed by the firewall device. In this way we can found the following firewall states at request level:

  • accept
  • allow
  • client-srst
  • close
  • deny
  • drop
  • drop-icmp
  • forward
  • reset-both
  • server-srt

These are the graphics in the dashboard:

  • FireWall logs by actions last day
  • FireWall logs by actions last week
  • FireWall logs last day
  • Top 10 by Port
  • Blocked requests Map by source
  • Blocked requests Map by destination
  • Logs by action
  • Top 10 by source IP
  • Top 10 by Destination IP

Nice work! Thanks for the entry!