What represent the Aggregate Address in Chart?

Question

Can anyone define what represents the Aggregate Address in Chart?&nbsp;

msz · Answer

Please answer............&nbsp;

msz · Answer

When you generate a chart from chart scheduler with top attacked IP addresses and a chart make with your own for the same time has a lot of differences?&nbsp;
Can anyone explain why?&nbsp;

msz · Answer

If a single user causes multiple violations over time in an ongoing attack, this transaction is correlated into a single aggregated event:
If an event exists whose last violation is within the time window from the same client IP address, correlation occurs with the existing event.
If many transactions are occurring in the same part of the application, either a distributed attack or a false positive has occurred.
If an event exists whose last violation is within the time window for the same URL+parameter combination, correlation occurs with the existing event.
If no such event exists, a new event begins.&nbsp;

Forum Discussion

What represent the Aggregate Address in Chart?

3 Replies

Recent Discussions

F5Access | MacOS Sonoma

Rewrite uri translation not working

Chrome V 124+ on MacOS - Virtual Server Access Issue

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

Decoding the IPv4 address from the persistence cookie

CSV to Address External Datagroup File

SNAT IP address logging

Virtual address from address list is down after assignment to VS

Ipv6 address