It would better enable customers to visualize specific traffic patterns and block patterns of F5. Often times these high-level reports are generated regularly to track changes and show long winded changes in risk over time. An example would be; "Show all WAF and BOT block events that took place in the last week and targeted /cart." It would also reduce our reliance on a third party SIEM that the customer may or may not have.