I received an email from Cloudflare about a “Spike in automated traffic” occurring on July 31st 2022.
How do I figure out what triggered the email? – I seem to have no way of investigating it. My domain is on the Pro plan.
The Analytics tab in Cloudflare is where I usually go to investigate issues like traffic spikes, spammy requests, slow response times and such. In this case, Cloudflare obviously marked some traffic as “automated” or “likely automated” but I seem to have no way of filtering by that.
There are no obvious culprits such as high traffic from individual countries/IPs or odd-looking User-Agents.
I do see a bunch of traffic hitting
//xmlrpc.php (I am protected against this Wordpress attack), which is obviously automated but that didn’t spike on July 31st – it’s fairly evenly distributed with a chunk of requests every day.
How do I filter by or otherwise identify this automatic traffic I am warned about?