ESA analyzes your access log data to provide multi-dimensional account analytics and visualizations. You can gain insights into metrics like request and traffic distribution by country/region, encrypted requests, cache hit ratios, and error code counts.
Benefits
Account analytics uses data from various ESA records, including user logon logs, permission changes, API calls, account associations, security events, access paths, activity metrics, and account properties. By analyzing this data, ESA provides a comprehensive assessment of your account's security, usage, and behavioral patterns to support account management, security, and business optimization.
Account analytics provides insights across several key dimensions:
Geographic distribution analysis: Understand traffic distribution across different countries or regions to identify target markets and inform your regional service and marketing strategies.
Performance and efficiency assessment: Evaluate content delivery efficiency and website health by analyzing metrics like page views and error code counts. This helps you quickly identify and resolve issues that affect user experience.
Resource optimization and planning: Use traffic data to plan your bandwidth resources and cache policies. This helps reduce origin-pull pressure and improve overall service performance.
Security and compliance monitoring: Monitor metrics like encrypted requests to gain visibility into your security posture, ensure data transmission security, and help meet compliance requirements.
Comprehensive traffic and user behavior analysis: Access multi-dimensional reports, including an overview, country/region distribution, and top rankings. These reports provide deep insights into your traffic and user behavior to support data-driven decisions.
View account analytics
Log on to the ESA console. In the left navigation pane, choose .
On the Account analytics page, select a time range to view traffic statistics and analysis. You can also click the
icon to print the page report or click the 
icon to download the data as a CSV file. Use the filter to refine your results. For more information, see How to use filters.
Metric descriptions
Overview
The Overview panel displays a line chart of your account's total traffic and the traffic served by ESA. This visualization helps you analyze historical traffic trends.
Total traffic: The total amount of data transferred from ESA to clients.
Total requests: The total number of requests that ESA receives from clients.
Page views: The number of successful HTTP responses with a content type of HTML.
Metric change percentage: The percentage change for each metric is a period-over-period value, comparing the current time range to the previous identical time range. If no data exists for the previous period, the change percentage is not shown.
For example, if you select the Past 30 days time range and see a 2.03% increase in requests, it means the number of requests received by ESA in the last 30 days is 2.03% higher than in the prior 30-day period (from 60 days ago to 30 days ago).
Country/region
Use this panel to understand the geographic distribution of your traffic. This helps you locate target markets and optimize your strategies.
Top rankings by dimension
Account analytics provides traffic and user behavior analysis across multiple dimensions.
By default, account analytics displays the top 5 entries. You can click More to view more data.
Use case: Protection with analytics
Background: A FinTech company, Customer A, notices frequent logon failures across multiple user accounts originating from various IP addresses. They suspect a malicious actor is attempting to crack passwords, which negatively impacts user experience and trust.
Solution: Customer A uses the ESA account analytics feature to investigate the logon activity. Using the ESA account analytics module, they identify a pattern of abnormal logon attempts: multiple accounts are experiencing a spike in frequent logon failures in a short time. Customer A takes immediate action by using ESA's security features to create a logon protection rule, add the suspicious IP addresses to a deny list, and temporarily lock the high-risk accounts, requiring the affected users to reset their passwords.