diff --git a/pages/edge-services/how-to/monitor-cockpit.mdx b/pages/edge-services/how-to/monitor-cockpit.mdx
index a312a78b3c..f135ef3d03 100644
--- a/pages/edge-services/how-to/monitor-cockpit.mdx
+++ b/pages/edge-services/how-to/monitor-cockpit.mdx
@@ -51,6 +51,8 @@ The screenshot below shows an example of Edge Services metrics for a given pipel
 
 - **Request origin country**: The proportion of requests (to Edge Services for the specified origin over the specified time period) originating from different countries.
 - **End users location**: A visual representation of where Edge Services end users have been making requests from geographically.
+- **Total WAF processed requests**: The total number of requests evaluated by WAF.  
+- **Detailed WAF processed requests**: A visual representation of the requests evaluated by WAF over time, distributed in WAF actions.
 
 ## Logs
 
@@ -79,6 +81,6 @@ The screenshot below shows an example of Edge Services logs for a given pipeline
 - **Content type**: Type of content returned in the response, e.g. `text/html`, `application/json`.
 - **SSL**: Whether the client request was encrypted with SSL/TLS, and which version e.g. `TLSv1.3`.
 - **Country**: Country from which the request originated.
-- **WAF**: Whether the request was analysed by WAF.
-- **WAF action**: Action taken by WAF, e.g. `block`, `log`, `pass`.
+- **WAF**: The Web Application Firewall mode. Either `on`, `off`, or `log_only`.
+- **WAF action**: Action taken by WAF, either `block` or `pass`.
 - **WAF CRS ID**: WAF CRS rules, if any, that were actioned on the request.
\ No newline at end of file