About signals
Signals are labels that describe requests. Requests are tagged with signals based on the logic of your active rules. Per our data storage policy, the type of signals that requests are tagged with help determine which individual request data is stored and available in the web interface. Using our control panels, you can find and search for requests that have been tagged with a specific signal.
Limitations and considerations
When working with signals, keep the following things in mind:
The Essentials platform does not support custom signals.
Depending on the platform you have purchased, you can monitor signals for a site (also known as workspace) via our control panels.
Platform Next-Gen WAF control panel Fastly control panel Essentials Signals page Security > Next-Gen WAF > Signals page Professional Monitor > Signals Dashboard Security > Next-Gen WAF > Signals page Premier Monitor > Signals Dashboard Security > Next-Gen WAF > Signals page
How signals work
When requests are made to your web application, the Next-Gen WAF agent uses your active rules to identify which requests need to be tagged with a signal and then tags them with the appropriate signal. The system then counts the number of requests that get tagged with a particular signal during one minute periods and makes this data available via time series graphs.
Signal type (e.g., attack, anomaly, informational, custom) determines what individual request data is stored and available in the control panel. For example, we store data from all requests that are tagged with the SQLI system signal because SQLI is an attack signal. We don't store individual request data for requests that haven't been tagged with a signal.
Types of signals
There are two main types of signals:
- Custom: signals that you create to track request behavior that is particular to your web applications. You can create custom signals at the corp (also known as account) or site (workspace) level.
- System: signals that we create to track common attacks, anomalies, and behaviors (e.g., requests to your API and account login and registration activity). You can configure the behavior of some system signals.
