Introduction to security reports

With Apigee Edge security reports, you can more quickly understand how your API proxies are configured for security, as well as the runtime conditions that might impact proxy security. Using this information, you can adjust configuration to ensure you have the appropriate level of security for each proxy.

Security reports are graphical representations of runtime and configuration data about your API proxies and shared flows. For an introductory walkthrough, see Explore security reports.

Use the following three pages in the Apigee Edge console to see the data:

Reports page Description
Overview A snapshot of the most prominent aspects of proxy security, including:
  • Total traffic from clients to proxies and from proxies to targets.
  • Traffic over time via HTTPS and non-HTTPS.
  • Coverage by security-related policies.
Runtime A drilldown on runtime traffic conditions. Use these to find out:
  • Amount of traffic each of your proxies is experiencing.
  • Amount of traffic arriving over non-HTTPS, rather than HTTPS.
  • Amount of traffic each developer app is responsible for.
  • Amount of traffic going to proxy targets.
Configuration A drilldown on how your proxies and shared flows are configured. Use these to discover:
  • Where security-related policies such as OAuthv2, SpikeArrest, and FlowCallout are configured in your proxies and shared flows.
  • How virtual hosts are configured.
  • How target access is configured, such as whether the target is configured to receive requests over non-HTTPS.