Toggle Navigation Toggle Navigation
  • Lumen Connect overview
  • Getting started/General
  • Services
  • APIs
  • Monitoring & Reports
  • Billing
  • Admin
  • Support
  • Orders (Wholesale)
  • Other portals overview
  • Media portal
  • DDoS Mitigation & Reporting
  • Security Solutions portal
  • VoIP portal
  • View all product support
  • Infrastructure
  • Connectivity
  • Security
  • Communication
  • Media & Entertainment
  • LSR portal
  • Port Out Request tool
  • Virtual Front Office
  • Readiness overview
  • Product-specific readiness
  • Handbooks
  • All infrastructure services
  • Edge Bare Metal
  • Edge Gateway
  • Edge Private Cloud
  • Encrypted Wavelength Service
  • Network Storage
  • All connectivity services
  • Ethernet On-Demand
  • Fiber+ Internet
  • Internet On-Demand
  • IP VPN On-Demand
  • NaaS Port
  • On-Demand services
  • Troubleshooting tools
  • All security services
  • Adaptive Network Security
  • Adaptive Threat Intelligence
  • Application Delivery Solutions
  • DDoS Hyper
  • DDoS Mitigation Service
  • Lumen Defender Powered by Black Lotus Labs
  • Lumen SASE with Fortinet
  • Lumen SASE with Versa
  • Lumen SASE with VMware
  • Network-based Security
  • SD-WAN with Cisco Meraki
  • SD-WAN with Versa Networks
  • Security Log Monitoring
  • All communication services
  • Cloud Voice
  • Hosted VoIP
  • Local Inbound (LI)
  • Lumen Solutions for Microsoft Teams
  • Lumen Solutions for Webex
  • Lumen Solutions for Zoom
  • Lumen Solutions for Zoom for Government
  • SIP Trunking
  • Unified Communications and Collaboration
  • Voice Complete
  • VoIP Enhanced Local (ELS)
  • VoIP services
  • Vyvx® Broadcast Solutions
  • North America
  • Asia Pacific (APAC)
  • Contact us APIs

Viewing a DDoS alert summary

From the DDoS alerts page in the DDoS Mitigation and Reporting portal, you can view a summary for each alert. The summary shows a graph of total traffic associated with the affected IPs during the alert, along with some information about the alert, such as the data rates, alert type, and affected profile.

 

Alert Characteristics shows the most relevant source, destination IPs, ports, and protocols. Protocol-appropriate information, such as TCP Flags and ICMP codes, is also shown. Characteristics are more or less specific depending on traffic variation.  

 

You can also view DDoS alert traffic details and recent or ongoing mitigations.

To view a DDoS alert summary: 

  1. Depending on your DDoS product, you can access the DDoS Mitigation and Reporting dashboard using one of the following methods:

    • Using the left menu, click Services, click Service Portals, then click DDoS Mitigation and Reporting. Confirm that you are going to an external site, then click Log In with SSO.

    • Using the left menu, click Monitoring & Reports, click Security Solutions Analytics, then click DDoS Mitigation and Reporting (in either the Reports or DDoS Mitigation Service sections). 
       

The DDoS Mitigation and Reporting portal shows the dashboard.

DDoS Mitigation and Reporting dashboard
  1. Click the Alerts tab, then click All Alerts

    The DDoS Mitigation and Reporting portal shows all DDoS Alerts. 
DDoS Mitigation and Reporting alerts
  1. Click an alert ID

    The DDoS Mitigation and Reporting portal shows the alert summary.
DDoS Mitigation and Reporting alert summary