Manual Chapter : Managing Firewall Rule Reports

Applies To:

Show Versions Show Versions

BIG-IQ Centralized Management

  • 5.2.0
Manual Chapter

About firewall rule reports

You can generate different types of firewall rule reports for selected BIG-IP® devices in either CSV or HTML format. These reports capture information similar to that gathered using the firewall rule monitoring. The types of reports you can generate include:

  • Stale Rule Report. Creates a report on firewall rules that are not being used on the BIG-IP device.
  • Overlap Status Stats Report. Creates a report on firewall rules that are overlapping on the BIG-IP device.
  • Compilation Status Report. Creates a report on the compilation of firewall rules on the BIG-IP device.

Creating firewall rule reports

You create firewall rule reports to capture statistics about firewall rules in a report format.
  1. Navigate to the Firewall Rule Reports screen: Click Monitoring > REPORTS > Security > Network Security > Firewall Rule Reports .
  2. Click Create.
    The New Firewall Rule Report screen opens.
  3. Type a name for the report in the Name field.
  4. Type an optional description for the report in the Description field.
  5. Select a report type from those listed in the Report Type field.
    You can generate these types of reports::
    • Stale Rule Report
    • Overlap Status Stats Report
    • Compilation Status Stats Report
    If the Stale Rule Report report type is selected, the screen displays the Stale Rule Criteria property, otherwise that property is not displayed.
  6. If you select Stale Rule Report, you can refine the report using the options listed in the Stale Rule Criteria setting:
    • To specify that the report should include only rules with a hit count less than the number specified, select Rules with count less than and specify a number in the provided field.
    • To specify that the report should include only rules that have not been hit since the date specified, select Rules that haven't been hit since and specify a date in the provided field.
  7. From the Available Devices setting, select the BIG-IP devices or device group to use for the report:
    • Select Group and select a group of BIG-IP devices from the list.
    • Select Device and select individual BIG-IP devices by moving them from the Available list to the Selected list.
  8. Save the report:
    • Select Save to save the report. The system displays the Firewall Rule Reports page for that one report, and generates the report data.
    • Select Save & Close to save the report. The system displays the Firewall Rule Reports page that lists all reports, and generates the report data.
  9. Select the format for the report:
    • Select CSV Report to have the report formatted as a CSV file.
    • Select HTML Report to have the report formatted as an HTML file. The HTML file is displayed in the Web browser when complete.
    You can save or print these reports.

Deleting firewall rule reports

You can delete firewall rule reports that are no longer needed.
  1. Go to the Firewall Rule Reports screen: Click Monitoring > REPORTS > Security > Network Security > Firewall Rule Reports .
  2. Select one or more reports to delete, and click Delete.
    The reports are deleted from the list on the Firewall Rule Reports screen.