The Community Edition only supports a restricted feature set compared to the Premium Edition. For instance, many features are only available in log only mode. Therefore, violations of rules are logged but not blocked.
In order to get an overview of which attacks are not blocked because you are using the community edition, have a look at log messages with threat handling set to log only.
- Proceed as follows:
- Make sure log only is not explicitly configured for your features. After all, the premium edition supports the log only mode, as well.
- Filter log messages for attribute "th_mode:notify", or ...
- ... use the free Airlock reporting bundle with built-in Kibana dashboards. On dashboard "GATEWAY Attacks", the chart on the right side ("Attacks by Type (log only)") shows all attacks that are not actually blocked but would be in the premium edition.
Note that log messages only cover features that are actually configured. That is, if OpenAPI enforcement is not configured, there will be no log only log message regarding illegal API calls.
The security feature for encoding enforcement is not available in the community edition, not even in log only mode.