Spherical Defense
  • Summary
  • Frequently Asked Questions
  • Guide
    • Quickstart
      • Amazon Machine Image
        • Using Access Logs
      • CloudFormation
    • Install now on AWS
    • User Interface
    • Integrations
      • Apigee
      • Kong
      • AWS API Gateway
      • Slack
      • Splunk
      • NGINX (WIP)
  • Reference
  • Changelog
Powered by GitBook
On this page

Was this helpful?

  1. Guide

User Interface

Spherical Defense comes with a web user interface included. Here are the usage instructions.

PreviousCloudFormationNextIntegrations

Last updated 5 years ago

Was this helpful?

The user interface is hosted on port 80 of your Spherical Defense deployment, which means you can access it from your browser by simply entering the address of the server in your browser.

The application is easy to use, and provides information about the running system and also the API requests that is has analysed.

Element

Detail

Collecting

This task is shown with tick if sufficient traffic has been ingested to begin training.

Processing

This task is shown with a tick if the pre-training processing has completed.

Training

This task is shown with a tick if the system is current training a security model.

Ready

This task is shown with a tick if at least one security model has been trained, and new requests are being evaluated.

Training Requests

The number of requests that have been received and are being incorporated for training subsequent models.

Models

The number of security models that have been trained. The one with the highest detection accuracy is preserved for evaluation.

Accuracy

The estimated detection accuracy of the best available model.

Events

The number of security events that have been received.

Column

Detail

Score

How anomalous this event is.

This ranges between 100 (very anomalous) and 0 (only slightly anomalous).

Timestamp

When the event occurred.

Anomaly Focus

The part of the request which triggered the event.

›

Show the entirety of the request.

Spherical Defense user interface.
System status, and model training information panel.
Historical API requests over the last 30 days, including the number of detected anomalies (red).
You can see security alerts by selecting a date range in the last 30 days.
Security alerts will be shown in this table, which can searched and sorted.
The API request that triggered the event can be explored by clicking on the right-facing chevron.