All Reports: Difference between revisions

From Edge Threat Management Wiki - Arista
Jump to navigationJump to search
No edit summary
 
No edit summary
Line 1: Line 1:
This page lists all of the reports available in each application or system within Untangle.


== Captive Portal Reports ==
== Captive Portal Reports ==  
<section begin='Captive Portal' />
<section begin='Captive Portal' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
|-
|-
| width="25%" | Captive Portal Summary
| width="25%" | Captive Portal Summary
| width="60%" | A summary of Application Control actions.
| width="60%" | A summary of Captive Portal actions.
|-
|-
| width="25%" | Activity Summary
| width="25%" | Activity Summary
Line 19: Line 18:
| width="60%" | The top clients that were blocked by Captive Portal because they were not logged in.
| width="60%" | The top clients that were blocked by Captive Portal because they were not logged in.
|-
|-
|}
| width="25%" | All Session Events
<section end='Captive Portal' />
| width="60%" | All sessions processed by Captive Portal.
 
|-
 
| width="25%" | Passed Session Events
== SSL Inspector Reports ==
| width="60%" | Sessions matching passed hosts.
<section begin='SSL Inspector' />
|-
{| border="1" cellpadding="2" width="85%%" align="center"
| width="25%" | Captured Session Events
!Report Entry
| width="60%" | Sessions matching capture rules.
!Description
|-
| width="25%" | All User Events
| width="60%" | All user sessions processed by Captive Portal.
|-
| width="25%" | Login Success User Events
| width="60%" | Successful logins to Captive Portal.
|-
|-
| width="25%" | HTTPS Inspector Summary
| width="25%" | Login Failure User Events
| width="60%" | A summary of HTTPS Inspector actions.
| width="60%" | Failed logins to Captive Portal.
|-
|-
| width="25%" | Scanned Sessions
| width="25%" | Session Timeout User Events
| width="60%" | The amount of SSL sessions over time.
| width="60%" | Sessions that reached the session timeout.
|-
|-
| width="25%" | Inspected Sessions
| width="25%" | Idle Timeout User Events
| width="60%" | The amount of inspected SSL sessions over time.
| width="60%" | Sessions that reached the idle timeout.
|-
|-
| width="25%" | Top Inspected Sites
| width="25%" | User Logout User Events
| width="60%" | The number of inspected sessions grouped by site.
| width="60%" | All user logout events.
|-
|-
| width="25%" | Top Ignored Sites
| width="25%" | Admin Logout User Events
| width="60%" | The number of ignored sessions grouped by site.
| width="60%" | Sessions logged off by the admin.
|-
|-
|}
|}
<section end='HTTPS Inspector' />
<section end='Captive Portal' />




== Configuration Backup Reports ==
== Configuration Backup Reports ==  
<section begin='Configuration Backup' />
<section begin='Configuration Backup' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 65: Line 69:
| width="25%" | Backup Usage (failed)
| width="25%" | Backup Usage (failed)
| width="60%" | The amount of failed configuration backups over time.
| width="60%" | The amount of failed configuration backups over time.
|-
| width="25%" | Backup Events
| width="60%" | All Configuration Backup events.
|-
|-
|}
|}
Line 70: Line 77:




== Network Reports ==
== Network Reports ==  
<section begin='Network' />
<section begin='Network' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
|-
| width="25%" | Network Summary
| width="60%" | A summary of network traffic.
|-
|-
| width="25%" | Sessions
| width="25%" | Sessions
Line 86: Line 96:
|-
|-
| width="25%" | Bandwidth Usage
| width="25%" | Bandwidth Usage
| width="60%" | The approximate averaged data transfer rate (total, sent, received) over time grouped by session creation time.
| width="60%" | The approximate averaged data transfer rate (total, sent, received) over time.
|-
|-
| width="25%" | Top Client Addresses
| width="25%" | Top Client Addresses
| width="60%" | The number of sessions grouped by client (source) address.
| width="60%" | The number of sessions grouped by client (source) address.
|-
| width="25%" | Top Server Addresses
| width="60%" | The number of sessions grouped by server (destination) address.
|-
| width="25%" | Top IP Protocols
| width="60%" | The number of sessions grouped by IP protocol number.
|-
|-
| width="25%" | Top Server Ports
| width="25%" | Top Server Ports
| width="60%" | The number of sessions grouped by server (destination) port.
| width="60%" | The number of sessions grouped by server (destination) port.
|-
|-
| width="25%" | Top IP Protocols
| width="25%" | Top Server Countries
| width="60%" | The number of sessions grouped by IP protocol number.
| width="60%" | The number of sessions grouped by server (destination) country.
|-
| width="25%" | Interface Usage
| width="60%" | The RX rate of each interface over time.
|-
| width="25%" | All Sessions
| width="60%" | All sessions handled by Untangle.
|-
| width="25%" | Scanned Sessions
| width="60%" | All sessions that were not bypassed.
|-
| width="25%" | Bypassed Sessions
| width="60%" | All sessions matching a bypass rule and bypassed.
|-
| width="25%" | Blocked Sessions
| width="60%" | All sessions blocked by filter rules.
|-
| width="25%" | Port Forwarded Sessions
| width="60%" | All sessions match a port forward rule.
|-
| width="25%" | NATd Sessions
| width="60%" | All sessions that have been NATd by Untangle.
|-
| width="25%" | All Session Minutes
| width="60%" | All sessions by minute.
|-
|-
|}
|}
Line 101: Line 141:




== Administration Reports ==
== Administration Reports ==  
<section begin='Administration' />
<section begin='Administration' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 112: Line 152:
| width="25%" | Settings Changes
| width="25%" | Settings Changes
| width="60%" | The number of settings changes over time.
| width="60%" | The number of settings changes over time.
|-
| width="25%" | Admin Logins
| width="60%" | All local administrator logins.
|-
| width="25%" | All Settings Changes
| width="60%" | All settings changes performed by an administrator.
|-
|-
|}
|}
Line 117: Line 163:




== System Reports ==
== System Reports ==  
<section begin='System' />
<section begin='System' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 134: Line 180:
| width="25%" | Swap Usage
| width="25%" | Swap Usage
| width="60%" | The swap utilization over time.
| width="60%" | The swap utilization over time.
|-
| width="25%" | Swap Usage Ratio
| width="60%" | The swap utilization over time as a percent of total memory size .
|-
| width="25%" | Highest Active Hosts
| width="60%" | The highest number of active hosts.
|-
| width="25%" | Server Status Events
| width="60%" | All system status events.
|-
|-
|}
|}
Line 139: Line 194:




== Application Control Lite Reports ==
== Application Control Lite Reports ==  
<section begin='Application Control Lite' />
<section begin='Application Control Lite' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 168: Line 223:
| width="25%" | Top Logged Users
| width="25%" | Top Logged Users
| width="60%" | The top logged sessions by user.
| width="60%" | The top logged sessions by user.
|-
| width="25%" | All Events
| width="60%" | All sessions scanned by Application Control Lite.
|-
| width="25%" | Blocked Events
| width="60%" | All sessions matching an application signature and blocked.
|-
|-
|}
|}
Line 173: Line 234:




== Spam Blocker Lite Reports ==
== Spam Blocker Lite Reports ==  
<section begin='Spam Blocker Lite' />
<section begin='Spam Blocker Lite' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 202: Line 263:
| width="25%" | Top Spam Sender Addresses
| width="25%" | Top Spam Sender Addresses
| width="60%" | The number of IP addresses sending spam.
| width="60%" | The number of IP addresses sending spam.
|-
| width="25%" | All Email Events
| width="60%" | All emails scanned by Spam Blocker.
|-
| width="25%" | All Spam Events
| width="60%" | All emails marked as Spam.
|-
| width="25%" | Quarantined Events
| width="60%" | All emails marked as Spam and quarantined.
|-
| width="25%" | Tarpit Events
| width="60%" | All email sessions that were tarpitted.
|-
|-
|}
|}
Line 207: Line 280:




== Phish Blocker Reports ==
== Phish Blocker Reports ==  
<section begin='Phish Blocker' />
<section begin='Phish Blocker' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 236: Line 309:
| width="25%" | Top Phish Sender Addresses
| width="25%" | Top Phish Sender Addresses
| width="60%" | The number of IP addresses sending phish.
| width="60%" | The number of IP addresses sending phish.
|-
| width="25%" | All Email Events
| width="60%" | All email sessions scanned by Phish Blocker.
|-
| width="25%" | All Phish Events
| width="60%" | All email sessions detected as phishing attempts.
|-
| width="25%" | Quarantined Events
| width="60%" | All email sessions detected as phishing attempts and quarantined.
|-
|-
|}
|}
Line 241: Line 323:




== Policy Manager Reports ==
== Policy Manager Reports ==  
<section begin='Policy Manager' />
<section begin='Policy Manager' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 255: Line 337:
| width="25%" | Traffic By Policy
| width="25%" | Traffic By Policy
| width="60%" | The amount of traffic for each policy.
| width="60%" | The amount of traffic for each policy.
|-
| width="25%" | All Events
| width="60%" | Lists all sessions with the policy manager rack that handled the session.
|-
|-
|}
|}
Line 260: Line 345:




== Ad Blocker Reports ==
== Ad Blocker Reports ==  
<section begin='Ad Blocker' />
<section begin='Ad Blocker' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 274: Line 359:
| width="25%" | Top Blocked Ad Sites
| width="25%" | Top Blocked Ad Sites
| width="60%" | The number of blocked ads grouped by website.
| width="60%" | The number of blocked ads grouped by website.
|-
| width="25%" | All Ad Events
| width="60%" | All HTTP requests scanned by Ad Blocker.
|-
| width="25%" | Blocked Ad Events
| width="60%" | HTTP requests blocked by Ad Blocker.
|-
| width="25%" | Blocked Cookie Events
| width="60%" | Requests blocked by cookie filters.
|-
|-
|}
|}
Line 279: Line 373:




== WAN Balancer Reports ==
== WAN Balancer Reports ==  
<section begin='WAN Balancer' />
<section begin='WAN Balancer' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 298: Line 392:




== Spam Blocker Reports ==
== Spam Blocker Reports ==  
<section begin='Spam Blocker' />
<section begin='Spam Blocker' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 327: Line 421:
| width="25%" | Top Spam Sender Addresses
| width="25%" | Top Spam Sender Addresses
| width="60%" | The number of IP addresses sending spam.
| width="60%" | The number of IP addresses sending spam.
|-
| width="25%" | All Email Events
| width="60%" | All emails scanned by Spam Blocker.
|-
| width="25%" | All Spam Events
| width="60%" | All emails marked as Spam.
|-
| width="25%" | Quarantined Events
| width="60%" | All emails marked as Spam and quarantined.
|-
| width="25%" | Tarpit Events
| width="60%" | All email sessions that were tarpitted.
|-
|-
|}
|}
Line 332: Line 438:




== Application Control Reports ==
== SSL Inspector Reports ==
<section begin='SSL Inspector' />
{| border="1" cellpadding="2" width="85%%" align="center"
!Report Entry
!Description
|-
| width="25%" | SSL Inspector Summary
| width="60%" | A summary of SSL Inspector actions.
|-
| width="25%" | Scanned Sessions
| width="60%" | The amount of SSL sessions over time.
|-
| width="25%" | Inspected Sessions
| width="60%" | The amount of inspected SSL sessions over time.
|-
| width="25%" | Top Inspected Sites
| width="60%" | The number of inspected sessions grouped by site.
|-
| width="25%" | Top Ignored Sites
| width="60%" | The number of ignored sessions grouped by site.
|-
| width="25%" | All Sessions
| width="60%" | All sessions detected by SSL Inspector.
|-
| width="25%" | Inspected Sessions
| width="60%" | Events where traffic was fully processed by the inspector, and all traffic was passed through all the other applications and services.
|-
| width="25%" | Ignored Sessions
| width="60%" | Events where traffic was not or could not be inspected, so the traffic was completely ignored and not analyzed by any applications or services.
|-
| width="25%" | Blocked Sessions
| width="60%" | Events where traffic was blocked because it did not contain a valid SSL request, and the Block Invalid Traffic option was enabled.
|-
| width="25%" | Untrusted Sessions
| width="60%" | Events where traffic was blocked because the server certificate could not be authenticated.
|-
| width="25%" | Abandoned Sessions
| width="60%" | Events where traffic was blocked due to an underlying problems with the SSL session.
|-
|}
<section end='SSL Inspector' />
 
 
== Application Control Reports ==  
<section begin='Application Control' />
<section begin='Application Control' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 349: Line 498:
| width="25%" | Scanned Sessions (blocked)
| width="25%" | Scanned Sessions (blocked)
| width="60%" | The amount of flagged, and blocked sessions over time.
| width="60%" | The amount of flagged, and blocked sessions over time.
|-
| width="25%" | Top Categories (by sessions)
| width="60%" | The number of sessions grouped by category.
|-
|-
| width="25%" | Top Applications (by sessions)
| width="25%" | Top Applications (by sessions)
Line 361: Line 513:
| width="25%" | Top Blocked Applications
| width="25%" | Top Blocked Applications
| width="60%" | The number of blocked sessions grouped by application.
| width="60%" | The number of blocked sessions grouped by application.
|-
| width="25%" | Top Applications Usage
| width="60%" | The amount of bandwidth per top application.
|-
|-
| width="25%" | Top Flagged Hostnames
| width="25%" | Top Flagged Hostnames
Line 379: Line 534:
| width="25%" | Top Blocked Usernames
| width="25%" | Top Blocked Usernames
| width="60%" | The number of blocked sessions grouped by username.
| width="60%" | The number of blocked sessions grouped by username.
|-
| width="25%" | Classified Sessions
| width="60%" | All sessions matching an application control signature.
|-
| width="25%" | Flagged Sessions
| width="60%" | All sessions matching an application control signature and flagged.
|-
| width="25%" | Blocked Sessions
| width="60%" | All sessions matching an application control signature and blocked.
|-
| width="25%" | All Sessions
| width="60%" | All sessions scanned by Application Control.
|-
|-
|}
|}
Line 384: Line 551:




== Web Cache Reports ==
== Web Monitor Reports ==
<section begin='Web Monitor' />
{| border="1" cellpadding="2" width="85%%" align="center"
!Report Entry
!Description
|-
| width="25%" | Web Monitor Summary
| width="60%" | A summary of web monitor actions.
|-
| width="25%" | Web Usage
| width="60%" | The amount of total and flagged web requests over time.
|-
| width="25%" | Web Usage (scanned)
| width="60%" | The amount of total web requests over time.
|-
| width="25%" | Web Usage (flagged)
| width="60%" | The amount of flagged web requests over time.
|-
| width="25%" | Top Categories (by request)
| width="60%" | The number of web requests grouped by category.
|-
| width="25%" | Top Categories (by size)
| width="60%" | The sum of the size of requested web content grouped by category.
|-
| width="25%" | Top Flagged Categories
| width="60%" | The number of flagged web requests grouped by category.
|-
| width="25%" | Top Sites (by request)
| width="60%" | The number of web requests grouped by website.
|-
| width="25%" | Top Sites (by size)
| width="60%" | The sum of the size of requested web content grouped by website.
|-
| width="25%" | Top Flagged Sites
| width="60%" | The number of flagged web requests grouped by website.
|-
| width="25%" | Top Domains (by request)
| width="60%" | The number of web requests grouped by domain.
|-
| width="25%" | Top Domains (by size)
| width="60%" | The sum of the size of requested web content grouped by domain.
|-
| width="25%" | Top Flagged Domains
| width="60%" | The number of flagged web requests grouped by domain.
|-
| width="25%" | Top Domains Usage
| width="60%" | The amount of web requests per top domain.
|-
| width="25%" | Top Hostnames (by requests)
| width="60%" | The number of web requests grouped by hostname.
|-
| width="25%" | Top Hostnames (by size)
| width="60%" | The sum of the size of requested web content grouped by hostname.
|-
| width="25%" | Top Flagged Hostnames
| width="60%" | The number of flagged web request grouped by hostname.
|-
| width="25%" | Top Clients (by requests)
| width="60%" | The number of web requests grouped by client.
|-
| width="25%" | Top Clients (by size)
| width="60%" | The sum of the size of requested web content grouped by client.
|-
| width="25%" | Top Flagged Clients
| width="60%" | The number of flagged web request grouped by client.
|-
| width="25%" | Top Usernames (by requests)
| width="60%" | The number of web requests grouped by username.
|-
| width="25%" | Top Usernames (by size)
| width="60%" | The sum of the size of requested web content grouped by username.
|-
| width="25%" | Top Flagged Usernames
| width="60%" | The number of flagged web request grouped by username.
|-
| width="25%" | Top Content (by request)
| width="60%" | The number of web requests grouped by category.
|-
| width="25%" | Top Categories (by size)
| width="60%" | The sum of the size of requested web content grouped by category.
|-
| width="25%" | All Web Events
| width="60%" | Shows all scanned web requests.
|-
| width="25%" | Flagged Web Events
| width="60%" | Shows all flagged web requests.
|-
| width="25%" | All HTTP Events
| width="60%" | Shows all scanned unencrypted HTTP requests.
|-
| width="25%" | All HTTPS Events
| width="60%" | Shows all encrypted HTTPS requests.
|-
| width="25%" | All Query Events
| width="60%" | Shows all search querires processed by Web Monitor.
|-
|}
<section end='Web Monitor' />
 
 
== Web Cache Reports ==  
<section begin='Web Cache' />
<section begin='Web Cache' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 398: Line 665:
| width="25%" | Cache Size Statistics
| width="25%" | Cache Size Statistics
| width="60%" | The amount of cached and uncached web data over time.
| width="60%" | The amount of cached and uncached web data over time.
|-
| width="25%" | Web Cache Events
| width="60%" | All HTTP events processed by Web Cache.
|-
|-
|}
|}
Line 403: Line 673:




== IPsec VPN Reports ==
== IPsec VPN Reports ==  
<section begin='IPsec VPN' />
<section begin='IPsec VPN' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 429: Line 699:
| width="25%" | Top Protocols
| width="25%" | Top Protocols
| width="60%" | The top IPsec VPN connections by protocol.
| width="60%" | The top IPsec VPN connections by protocol.
|-
| width="25%" | L2TP/Xauth Events
| width="60%" | Shows all user L2TP/Xauth events.
|-
| width="25%" | Tunnel Traffic Events
| width="60%" | Shows all IPsec tunnel traffic statistics events.
|-
|-
|}
|}
Line 434: Line 710:




== Intrusion Prevention Reports ==
== Intrusion Prevention Reports ==  
<section begin='Intrusion Prevention' />
<section begin='Intrusion Prevention' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 499: Line 775:
| width="25%" | Top Protocols (blocked)
| width="25%" | Top Protocols (blocked)
| width="60%" | The number of intrusions blocked by protocol.
| width="60%" | The number of intrusions blocked by protocol.
|-
| width="25%" | All Events
| width="60%" | All sessions scanned by Intrusion Prevention.
|-
| width="25%" | Blocked Events
| width="60%" | All sessions matching Intrusion Prevention signatures and blocked.
|-
|-
|}
|}
Line 504: Line 786:




== Reports Reports ==
== Reports Reports ==  
<section begin='Reports' />
<section begin='Reports' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 515: Line 797:
| width="25%" | Top Alerts
| width="25%" | Top Alerts
| width="60%" | The top alerts.
| width="60%" | The top alerts.
|-
| width="25%" | Alert Events
| width="60%" | Log of all alerts created by alert rules.
|-
|-
|}
|}
Line 520: Line 805:




== Host Viewer Reports ==
== Bandwidth Control Reports ==  
<section begin='Host Viewer' />
{| border="1" cellpadding="2" width="85%%" align="center"
!Report Entry
!Description
|-
| width="25%" | Host Table Size
| width="60%" | The amount of hosts add and removed from the host table over time.
|-
| width="25%" | Host Table Additions
| width="60%" | The amount of hosts add and removed from the host table over time.
|-
| width="25%" | Host Table Updates
| width="60%" | The number of updates to the host table over time.
|-
|}
<section end='Host Viewer' />
 
 
== Bandwidth Control Reports ==
<section begin='Bandwidth Control' />
<section begin='Bandwidth Control' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 549: Line 815:
|-
|-
| width="25%" | Bandwidth Usage
| width="25%" | Bandwidth Usage
| width="60%" | The approximate averaged data transfer rate (total, sent, received) over time grouped by session creation time.
| width="60%" | The approximate averaged data transfer rate (total, sent, received) over time.
|-
| width="25%" | Top Hostnames Usage
| width="60%" | The bandwidth usage of the top hostnames.
|-
|-
| width="25%" | Top Hostnames (by total bytes)
| width="25%" | Top Hostnames (by total bytes)
Line 559: Line 828:
| width="25%" | Top Hostnames (by sent bytes)
| width="25%" | Top Hostnames (by sent bytes)
| width="60%" | The sum of the sent data grouped by hostname.
| width="60%" | The sum of the sent data grouped by hostname.
|-
| width="25%" | Top Clients Usage
| width="60%" | The bandwidth usage of the top clients.
|-
|-
| width="25%" | Top Clients (by total bytes)
| width="25%" | Top Clients (by total bytes)
| width="60%" | The sum of the data transferred grouped by client address.
| width="60%" | The sum of the data transferred grouped by client address.
|-
|-
| width="25%" | Top Clients (by received bytes)
| width="25%" | Top Usernames Usage
| width="60%" | The sum of the data received grouped by client address.
| width="60%" | The bandwidth usage of the top usernames.
|-
| width="25%" | Top Clients (by sent bytes)
| width="60%" | The sum of the data sent grouped by client address.
|-
|-
| width="25%" | Top Usernames (by total bytes)
| width="25%" | Top Usernames (by total bytes)
| width="60%" | The sum of the data transferred grouped by username.
| width="60%" | The sum of the data transferred grouped by username.
|-
|-
| width="25%" | Top Usernames (by received bytes)
| width="25%" | Top Server Port Usage
| width="60%" | The sum of the data transferred grouped by username.
| width="60%" | The bandwidth usage by top server port.
|-
| width="25%" | Top Usernames (by sent bytes)
| width="60%" | The sum of the data transferred grouped by username.
|-
|-
| width="25%" | Top Ports (by total bytes)
| width="25%" | Top Ports (by total bytes)
| width="60%" | The sum of the data transferred grouped by server port.
| width="60%" | The sum of the data transferred grouped by server port.
|-
|-
| width="25%" | Top Ports (by sent bytes)
| width="25%" | Top Ports (by received bytes)
| width="60%" | The sum of the data received grouped by server port.
| width="60%" | The sum of the data received grouped by server port.
|-
|-
| width="25%" | Top Ports (by sent bytes)
| width="25%" | Top Ports (by sent bytes)
| width="60%" | The sum of the data sent grouped by server port.
| width="60%" | The sum of the data sent grouped by server port.
|-
| width="25%" | Top Applications Usage
| width="60%" | The bandwidth usage of the top applications.
|-
|-
| width="25%" | Top Application (by total bytes)
| width="25%" | Top Application (by total bytes)
Line 595: Line 864:
| width="25%" | Top Application (by sent bytes)
| width="25%" | Top Application (by sent bytes)
| width="60%" | The sum of the data sent grouped by Application Control application.
| width="60%" | The sum of the data sent grouped by Application Control application.
|-
| width="25%" | Top Categories Usage
| width="60%" | The bandwidth usage of the top application categories.
|-
| width="25%" | Top Category (by total bytes)
| width="60%" | The sum of the data transferred grouped by Application Control category.
|-
| width="25%" | Top Priorities Usage
| width="60%" | The bandwidth usage by priority.
|-
|-
| width="25%" | Top Priorities (by total bytes)
| width="25%" | Top Priorities (by total bytes)
| width="60%" | The sum of the data transferred grouped by priority.
| width="60%" | The sum of the data transferred grouped by priority.
|-
| width="25%" | Top Countries Usage
| width="60%" | The bandwidth usage by top countries.
|-
| width="25%" | Top Countries (by total bytes)
| width="60%" | The sum of the data transferred grouped by country.
|-
|-
| width="25%" | Bypassed (by total bytes)
| width="25%" | Bypassed (by total bytes)
| width="60%" | The sum of the data transferred grouped by bypassed.
| width="60%" | The sum of the data transferred grouped by bypassed.
|-
| width="25%" | All Sessions
| width="60%" | All sessions processed by Bandwidth Control.
|-
| width="25%" | Prioritized Sessions
| width="60%" | All sessions prioritized by Bandwidth Control.
|-
|-
|}
|}
Line 606: Line 896:




== Directory Connector Reports ==
== Directory Connector Reports ==  
<section begin='Directory Connector' />
<section begin='Directory Connector' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 617: Line 907:
| width="25%" | User Notification API Events
| width="25%" | User Notification API Events
| width="60%" | The amount of login, update and logout user notification API events over time.
| width="60%" | The amount of login, update and logout user notification API events over time.
|-
| width="25%" | AD Events
| width="60%" | Events from the user notification API.
|-
|-
|}
|}
Line 622: Line 915:




== Web Filter Reports ==
== Hosts Reports ==
<section begin='Hosts' />
{| border="1" cellpadding="2" width="85%%" align="center"
!Report Entry
!Description
|-
| width="25%" | Hosts Active
| width="60%" | The amount of active hosts by time.
|-
| width="25%" | Hosts Additions
| width="60%" | The amount of hosts add and removed from the host table over time.
|-
| width="25%" | Hosts Updates
| width="60%" | The number of updates to the host table over time.
|-
| width="25%" | Hosts Events
| width="60%" | All updates to hosts in the host table.
|-
| width="25%" | Quota Events
| width="60%" | Shows when quotas are assigned or expired.
|-
| width="25%" | Penalty Box Events
| width="60%" | Shows when hosts are placed in the penalty box and when the penalty box expires.
|-
|}
<section end='Hosts' />
 
 
== Devices Reports ==
<section begin='Devices' />
{| border="1" cellpadding="2" width="85%%" align="center"
!Report Entry
!Description
|-
| width="25%" | Devices Additions
| width="60%" | The amount of devices add and removed from the device table over time.
|-
| width="25%" | Devices Updates
| width="60%" | The number of updates to the device table over time.
|-
| width="25%" | Devices Events
| width="60%" | All updates to devices in the device table.
|-
|}
<section end='Devices' />
 
 
== Web Filter Reports ==  
<section begin='Web Filter' />
<section begin='Web Filter' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 631: Line 971:
| width="60%" | A summary of web filter actions.
| width="60%" | A summary of web filter actions.
|-
|-
| width="25%" | Web Usage (all)
| width="25%" | Web Usage
| width="60%" | The amount of total, flagged, and blocked web requests over time.
| width="60%" | The amount of total, flagged, and blocked web requests over time.
|-
|-
Line 678: Line 1,018:
| width="25%" | Top Blocked Domains
| width="25%" | Top Blocked Domains
| width="60%" | The number of blocked web requests grouped by domain.
| width="60%" | The number of blocked web requests grouped by domain.
|-
| width="25%" | Top Domains Usage
| width="60%" | The amount of web requests per top domain.
|-
|-
| width="25%" | Top Hostnames (by requests)
| width="25%" | Top Hostnames (by requests)
Line 714: Line 1,057:
| width="25%" | Top Blocked Usernames
| width="25%" | Top Blocked Usernames
| width="60%" | The number of blocked web request grouped by username.
| width="60%" | The number of blocked web request grouped by username.
|-
| width="25%" | Top Content (by request)
| width="60%" | The number of web requests grouped by category.
|-
| width="25%" | Top Categories (by size)
| width="60%" | The sum of the size of requested web content grouped by category.
|-
| width="25%" | All Web Events
| width="60%" | Shows all scanned web requests.
|-
| width="25%" | Flagged Web Events
| width="60%" | Shows all flagged web requests.
|-
| width="25%" | Blocked Web Events
| width="60%" | Shows all blocked web requests.
|-
| width="25%" | All HTTP Events
| width="60%" | Shows all scanned unencrypted HTTP requests.
|-
| width="25%" | All HTTPS Events
| width="60%" | Shows all encrypted HTTPS requests.
|-
| width="25%" | Unblocked Web Events
| width="60%" | Shows all unblocked web requests
|-
| width="25%" | All Query Events
| width="60%" | Shows all search querires processed by Web Filter.
|-
|-
|}
|}
Line 719: Line 1,089:




== Virus Blocker Reports ==
== Virus Blocker Reports ==  
<section begin='Virus Blocker' />
<section begin='Virus Blocker' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
|-
| width="25%" | Virus Blocker Web Summary
| width="60%" | A summary of virus blocking actions for web activity.
|-
|-
| width="25%" | Virus Blocker FTP Summary
| width="25%" | Virus Blocker FTP Summary
Line 730: Line 1,103:
| width="25%" | Virus Blocker Email Summary
| width="25%" | Virus Blocker Email Summary
| width="60%" | A summary of virus blocking actions for Email activity.
| width="60%" | A summary of virus blocking actions for Email activity.
|-
| width="25%" | Virus Blocker Web Summary
| width="60%" | A summary of virus blocking actions for web activity.
|-
|-
| width="25%" | Web Usage (all)
| width="25%" | Web Usage (all)
Line 744: Line 1,114:
|-
|-
| width="25%" | Web Top Blocked Viruses
| width="25%" | Web Top Blocked Viruses
| width="60%" | The number of blocked viruses by web activity.
| width="60%" | The top web virus blocked.
|-
|-
| width="25%" | Web Top Blocked Clients
| width="25%" | Web Top Blocked Clients
| width="60%" | The number of clients with blocked viruses by web activity.
| width="60%" | The top web clients by blocked virus count.
|-
|-
| width="25%" | Web Top Blocked Sites
| width="25%" | Web Top Blocked Sites
| width="60%" | The number of clients with blocked viruses by web activity.
| width="60%" | The top web sites by blocked virus count.
|-
| width="25%" | Web Top Scanned Sites
| width="60%" | The top web sites by scan count.
|-
|-
| width="25%" | FTP Usage (all)
| width="25%" | FTP Usage (all)
Line 787: Line 1,160:
| width="25%" | Email Top Blocked Sites
| width="25%" | Email Top Blocked Sites
| width="60%" | The number of clients with blocked viruses by Email activity.
| width="60%" | The number of clients with blocked viruses by Email activity.
|-
| width="25%" | Scanned Web Events
| width="60%" | All HTTP sessions scanned by Virus Blocker.
|-
| width="25%" | Infected Web Events
| width="60%" | Infected HTTP sessions blocked by Virus Blocker.
|-
| width="25%" | Clean Web Events
| width="60%" | Scanned HTTP sessions marked clean.
|-
| width="25%" | Scanned Email Events
| width="60%" | All email sessions scanned by Virus Blocker.
|-
| width="25%" | Infected Email Events
| width="60%" | Infected email sessions blocked by Virus Blocker.
|-
| width="25%" | Clean Email Events
| width="60%" | Scanned email sessions marked clean.
|-
| width="25%" | Scanned Ftp Events
| width="60%" | All FTP sessions scanned by Virus Blocker.
|-
| width="25%" | Infected Ftp Events
| width="60%" | Infected FTP sessions blocked by Virus Blocker.
|-
| width="25%" | Clean Ftp Events
| width="60%" | Scanned FTP sessions marked clean.
|-
|-
|}
|}
Line 792: Line 1,192:




== Virus Blocker Lite Reports ==
== Virus Blocker Lite Reports ==  
<section begin='Virus Blocker Lite' />
<section begin='Virus Blocker Lite' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
|-
| width="25%" | Virus Blocker Lite Web Summary
| width="60%" | A summary of virus blocking actions for web activity.
|-
|-
| width="25%" | Virus Blocker Lite FTP Summary
| width="25%" | Virus Blocker Lite FTP Summary
Line 803: Line 1,206:
| width="25%" | Virus Blocker Lite Email Summary
| width="25%" | Virus Blocker Lite Email Summary
| width="60%" | A summary of virus blocking actions for Email activity.
| width="60%" | A summary of virus blocking actions for Email activity.
|-
| width="25%" | Virus Blocker Lite Web Summary
| width="60%" | A summary of virus blocking actions for web activity.
|-
|-
| width="25%" | Web Usage (all)
| width="25%" | Web Usage (all)
Line 817: Line 1,217:
|-
|-
| width="25%" | Web Top Blocked Viruses
| width="25%" | Web Top Blocked Viruses
| width="60%" | The number of blocked viruses by web activity.
| width="60%" | The top web virus blocked.
|-
|-
| width="25%" | Web Top Blocked Clients
| width="25%" | Web Top Blocked Clients
| width="60%" | The number of clients with blocked viruses by web activity.
| width="60%" | The top web clients by blocked virus count.
|-
|-
| width="25%" | Web Top Blocked Sites
| width="25%" | Web Top Blocked Sites
| width="60%" | The number of clients with blocked viruses by web activity.
| width="60%" | The top web sites by blocked virus count.
|-
| width="25%" | Web Top Scanned Sites
| width="60%" | The top web sites by scan count.
|-
|-
| width="25%" | FTP Usage (all)
| width="25%" | FTP Usage (all)
Line 860: Line 1,263:
| width="25%" | Email Top Blocked Sites
| width="25%" | Email Top Blocked Sites
| width="60%" | The number of clients with blocked viruses by Email activity.
| width="60%" | The number of clients with blocked viruses by Email activity.
|-
| width="25%" | Scanned Web Events
| width="60%" | All HTTP sessions scanned by Virus Blocker Lite.
|-
| width="25%" | Infected Web Events
| width="60%" | Infected HTTP sessions blocked by Virus Blocker Lite.
|-
| width="25%" | Clean Web Events
| width="60%" | Scanned HTTP sessions marked clean.
|-
| width="25%" | Scanned Email Events
| width="60%" | All email sessions scanned by Virus Blocker Lite.
|-
| width="25%" | Infected Email Events
| width="60%" | Infected email sessions blocked by Virus Blocker Lite.
|-
| width="25%" | Clean Email Events
| width="60%" | Scanned email sessions marked clean.
|-
| width="25%" | Scanned Ftp Events
| width="60%" | All FTP sessions scanned by Virus Blocker Lite.
|-
| width="25%" | Infected Ftp Events
| width="60%" | Infected FTP sessions blocked by Virus Blocker Lite.
|-
| width="25%" | Clean Ftp Events
| width="60%" | Scanned FTP sessions marked clean.
|-
|-
|}
|}
Line 865: Line 1,295:




== Shield Reports ==
== Shield Reports ==  
<section begin='Shield' />
<section begin='Shield' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 885: Line 1,315:
| width="25%" | Top Blocked Hostnames
| width="25%" | Top Blocked Hostnames
| width="60%" | The number of blocked sessions grouped by hostname.
| width="60%" | The number of blocked sessions grouped by hostname.
|-
| width="25%" | Scanned Session Events
| width="60%" | All sessions scanned by Shield.
|-
| width="25%" | Blocked Session Events
| width="60%" | All sessions blocked by Shield.
|-
|-
|}
|}
Line 890: Line 1,326:




== Firewall Reports ==
== Firewall Reports ==  
<section begin='Firewall' />
<section begin='Firewall' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 937: Line 1,373:
| width="25%" | Top Blocked Server Ports
| width="25%" | Top Blocked Server Ports
| width="60%" | The number of flagged session grouped by server (destination) port.
| width="60%" | The number of flagged session grouped by server (destination) port.
|-
| width="25%" | All Events
| width="60%" | All events scanned by Firewall App.
|-
| width="25%" | Flagged Events
| width="60%" | Events flagged by Firewall App.
|-
| width="25%" | Blocked Events
| width="60%" | Events blocked by Firewall App.
|-
|-
|}
|}
Line 942: Line 1,387:




== Web Filter Lite Reports ==
== Web Filter Lite Reports ==  
<section begin='Web Filter Lite' />
<section begin='Web Filter Lite' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 951: Line 1,396:
| width="60%" | A summary of web filter lite actions.
| width="60%" | A summary of web filter lite actions.
|-
|-
| width="25%" | Web Usage (all)
| width="25%" | Web Usage
| width="60%" | The amount of total, flagged, and blocked web requests over time.
| width="60%" | The amount of total, flagged, and blocked web requests over time.
|-
|-
Line 1,034: Line 1,479:
| width="25%" | Top Blocked Usernames
| width="25%" | Top Blocked Usernames
| width="60%" | The number of blocked web request grouped by username.
| width="60%" | The number of blocked web request grouped by username.
|-
| width="25%" | All Web Events
| width="60%" | Shows all scanned web requests.
|-
| width="25%" | Flagged Web Events
| width="60%" | Shows all flagged web requests.
|-
| width="25%" | Blocked Web Events
| width="60%" | Shows all blocked web requests.
|-
| width="25%" | Unblocked Web Events
| width="60%" | Shows all unblocked web requests
|-
|-
|}
|}
Line 1,039: Line 1,496:




== OpenVPN Reports ==
== OpenVPN Reports ==  
<section begin='OpenVPN' />
<section begin='OpenVPN' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 1,059: Line 1,516:
| width="25%" | Top Clients (by usage)
| width="25%" | Top Clients (by usage)
| width="60%" | The number of bytes transferred grouped by remote client.
| width="60%" | The number of bytes transferred grouped by remote client.
|-
| width="25%" | Connection Events
| width="60%" | OpenVPN client connection events.
|-
| width="25%" | Statistic Events
| width="60%" | Shows all OpenVPN connection traffic statistics events.
|-
|-
|}
|}
Line 1,064: Line 1,527:




== WAN Failover Reports ==
== WAN Failover Reports ==  
<section begin='WAN Failover' />
<section begin='WAN Failover' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 1,075: Line 1,538:
| width="25%" | WAN Disconnect Events
| width="25%" | WAN Disconnect Events
| width="60%" | The number of disconnect events grouped by WAN.
| width="60%" | The number of disconnect events grouped by WAN.
|-
| width="25%" | Outage Events
| width="60%" | Events where the failure threshold was exceeded and the WAN was considered offline.
|-
| width="25%" | Test Events
| width="60%" | All test events and their outcome.
|-
| width="25%" | Failed Test Events
| width="60%" | All tests that resulted in failure.
|-
| width="25%" | Success Test Events
| width="60%" | All tests that resulted in success.
|-
|-
|}
|}
<section end='WAN Failover' />
<section end='WAN Failover' />

Revision as of 17:34, 26 December 2016

Captive Portal Reports

<section begin='Captive Portal' />

Report Entry Description
Captive Portal Summary A summary of Captive Portal actions.
Activity Summary A summary of Captive Portal activity.
Top Active Users The top active users that logged in to Captive Portal.
Top Blocked Clients The top clients that were blocked by Captive Portal because they were not logged in.
All Session Events All sessions processed by Captive Portal.
Passed Session Events Sessions matching passed hosts.
Captured Session Events Sessions matching capture rules.
All User Events All user sessions processed by Captive Portal.
Login Success User Events Successful logins to Captive Portal.
Login Failure User Events Failed logins to Captive Portal.
Session Timeout User Events Sessions that reached the session timeout.
Idle Timeout User Events Sessions that reached the idle timeout.
User Logout User Events All user logout events.
Admin Logout User Events Sessions logged off by the admin.

<section end='Captive Portal' />


Configuration Backup Reports

<section begin='Configuration Backup' />

Report Entry Description
Configuration Backup Summary A summary of configuration backup actions.
Backup Usage (all) The amount of successes, and failures of configuration backup over time.
Backup Usage (success) The amount of successful configuration backups over time.
Backup Usage (failed) The amount of failed configuration backups over time.
Backup Events All Configuration Backup events.

<section end='Configuration Backup' />


Network Reports

<section begin='Network' />

Report Entry Description
Network Summary A summary of network traffic.
Sessions The amount of total, scanned, and bypassed sessions over time.
Sessions Per Minute The amount of total, scanned, and bypassed sessions created per minute.
Sessions Per Hour The amount of total, scanned, and bypassed sessions created per hour.
Bandwidth Usage The approximate averaged data transfer rate (total, sent, received) over time.
Top Client Addresses The number of sessions grouped by client (source) address.
Top Server Addresses The number of sessions grouped by server (destination) address.
Top IP Protocols The number of sessions grouped by IP protocol number.
Top Server Ports The number of sessions grouped by server (destination) port.
Top Server Countries The number of sessions grouped by server (destination) country.
Interface Usage The RX rate of each interface over time.
All Sessions All sessions handled by Untangle.
Scanned Sessions All sessions that were not bypassed.
Bypassed Sessions All sessions matching a bypass rule and bypassed.
Blocked Sessions All sessions blocked by filter rules.
Port Forwarded Sessions All sessions match a port forward rule.
NATd Sessions All sessions that have been NATd by Untangle.
All Session Minutes All sessions by minute.

<section end='Network' />


Administration Reports

<section begin='Administration' />

Report Entry Description
Admin Logins The number of total, successful, and failed admin logins over time.
Settings Changes The number of settings changes over time.
Admin Logins All local administrator logins.
All Settings Changes All settings changes performed by an administrator.

<section end='Administration' />


System Reports

<section begin='System' />

Report Entry Description
CPU Load The CPU load over time.
Disk Usage The disk utilization over time.
Memory Usage The amount of free memory over time.
Swap Usage The swap utilization over time.
Swap Usage Ratio The swap utilization over time as a percent of total memory size .
Highest Active Hosts The highest number of active hosts.
Server Status Events All system status events.

<section end='System' />


Application Control Lite Reports

<section begin='Application Control Lite' />

Report Entry Description
Application Control Lite Summary A summary of Application Control Lite actions.
Detection Statistics The number of logged and blocked sessions over time.
Top Blocked Protocols The top blocked sessions by protocol.
Top Logged Protocols The top logged sessions by protocol.
Top Blocked Hosts The top blocked sessions by host.
Top Logged Hosts The top logged sessions by host.
Top Blocked Users The top blocked sessions by user.
Top Logged Users The top logged sessions by user.
All Events All sessions scanned by Application Control Lite.
Blocked Events All sessions matching an application signature and blocked.

<section end='Application Control Lite' />


Spam Blocker Lite Reports

<section begin='Spam Blocker Lite' />

Report Entry Description
Spam Blocker Lite Summary A summary of spam blocking actions for email activity.
Email Usage (all) The amount of scanned, clean, and spam email over time.
Email Usage (scanned) The amount of scanned email over time.
Email Usage (clean) The amount of clean email over time.
Email Usage (spam) The amount of spam email over time.
Spam Ratio The ratio of spam (true) to ham (false)
Top Spam Recipients The number of email addresses with spam.
Top Spam Sender Addresses The number of IP addresses sending spam.
All Email Events All emails scanned by Spam Blocker.
All Spam Events All emails marked as Spam.
Quarantined Events All emails marked as Spam and quarantined.
Tarpit Events All email sessions that were tarpitted.

<section end='Spam Blocker Lite' />


Phish Blocker Reports

<section begin='Phish Blocker' />

Report Entry Description
Phish Blocker Summary A summary of phish blocking actions for email activity.
Email Usage (all) The amount of scanned, clean, and phish email over time.
Email Usage (scanned) The amount of scanned email over time.
Email Usage (clean) The amount of clean email over time.
Email Usage (phish) The amount of phish email over time.
Phish Ratio The ratio of phish (true) to ham (false)
Top Phish Recipients The number of email addresses with phish.
Top Phish Sender Addresses The number of IP addresses sending phish.
All Email Events All email sessions scanned by Phish Blocker.
All Phish Events All email sessions detected as phishing attempts.
Quarantined Events All email sessions detected as phishing attempts and quarantined.

<section end='Phish Blocker' />


Policy Manager Reports

<section begin='Policy Manager' />

Report Entry Description
Policy Manager Summary A summary of Policy Manager actions.
Sessions By Policy The number of sessions for each policy.
Traffic By Policy The amount of traffic for each policy.
All Events Lists all sessions with the policy manager rack that handled the session.

<section end='Policy Manager' />


Ad Blocker Reports

<section begin='Ad Blocker' />

Report Entry Description
Ad Blocker Summary A summary of ad blocker actions.
Ads Blocked The amount of detected and blocked ads over time.
Top Blocked Ad Sites The number of blocked ads grouped by website.
All Ad Events All HTTP requests scanned by Ad Blocker.
Blocked Ad Events HTTP requests blocked by Ad Blocker.
Blocked Cookie Events Requests blocked by cookie filters.

<section end='Ad Blocker' />


WAN Balancer Reports

<section begin='WAN Balancer' />

Report Entry Description
WAN Balancer Summary A summary of WAN Balancer actions.
Sessions By Interface The number of sessions destined to each interface.
Bytes By Interface The number of bytes destined to each interface.

<section end='WAN Balancer' />


Spam Blocker Reports

<section begin='Spam Blocker' />

Report Entry Description
Spam Blocker Summary A summary of spam blocking actions for email activity.
Email Usage (all) The amount of scanned, clean, and spam email over time.
Email Usage (scanned) The amount of scanned email over time.
Email Usage (clean) The amount of clean email over time.
Email Usage (spam) The amount of spam email over time.
Spam Ratio The ratio of spam (true) to ham (false)
Top Spam Recipients The number of email addresses with spam.
Top Spam Sender Addresses The number of IP addresses sending spam.
All Email Events All emails scanned by Spam Blocker.
All Spam Events All emails marked as Spam.
Quarantined Events All emails marked as Spam and quarantined.
Tarpit Events All email sessions that were tarpitted.

<section end='Spam Blocker' />


SSL Inspector Reports

<section begin='SSL Inspector' />

Report Entry Description
SSL Inspector Summary A summary of SSL Inspector actions.
Scanned Sessions The amount of SSL sessions over time.
Inspected Sessions The amount of inspected SSL sessions over time.
Top Inspected Sites The number of inspected sessions grouped by site.
Top Ignored Sites The number of ignored sessions grouped by site.
All Sessions All sessions detected by SSL Inspector.
Inspected Sessions Events where traffic was fully processed by the inspector, and all traffic was passed through all the other applications and services.
Ignored Sessions Events where traffic was not or could not be inspected, so the traffic was completely ignored and not analyzed by any applications or services.
Blocked Sessions Events where traffic was blocked because it did not contain a valid SSL request, and the Block Invalid Traffic option was enabled.
Untrusted Sessions Events where traffic was blocked because the server certificate could not be authenticated.
Abandoned Sessions Events where traffic was blocked due to an underlying problems with the SSL session.

<section end='SSL Inspector' />


Application Control Reports

<section begin='Application Control' />

Report Entry Description
Application Control Summary A summary of Application Control actions.
Scanned Sessions (all) The amount of scanned, flagged, and blocked sessions over time.
Scanned Sessions (flagged) The amount of flagged, and blocked sessions over time.
Scanned Sessions (blocked) The amount of flagged, and blocked sessions over time.
Top Categories (by sessions) The number of sessions grouped by category.
Top Applications (by sessions) The number of sessions grouped by application.
Top Applications (by size) The number of bytes grouped by application.
Top Flagged Applications The number of flagged sessions grouped by application.
Top Blocked Applications The number of blocked sessions grouped by application.
Top Applications Usage The amount of bandwidth per top application.
Top Flagged Hostnames The number of flagged sessions grouped by hostname.
Top Blocked Hostnames The number of blocked sessions grouped by hostname.
Top Flagged Clients The number of flagged sessions grouped by client.
Top Blocked Clients The number of blocked sessions grouped by client.
Top Flagged Usernames The number of flagged sessions grouped by username.
Top Blocked Usernames The number of blocked sessions grouped by username.
Classified Sessions All sessions matching an application control signature.
Flagged Sessions All sessions matching an application control signature and flagged.
Blocked Sessions All sessions matching an application control signature and blocked.
All Sessions All sessions scanned by Application Control.

<section end='Application Control' />


Web Monitor Reports

<section begin='Web Monitor' />

Report Entry Description
Web Monitor Summary A summary of web monitor actions.
Web Usage The amount of total and flagged web requests over time.
Web Usage (scanned) The amount of total web requests over time.
Web Usage (flagged) The amount of flagged web requests over time.
Top Categories (by request) The number of web requests grouped by category.
Top Categories (by size) The sum of the size of requested web content grouped by category.
Top Flagged Categories The number of flagged web requests grouped by category.
Top Sites (by request) The number of web requests grouped by website.
Top Sites (by size) The sum of the size of requested web content grouped by website.
Top Flagged Sites The number of flagged web requests grouped by website.
Top Domains (by request) The number of web requests grouped by domain.
Top Domains (by size) The sum of the size of requested web content grouped by domain.
Top Flagged Domains The number of flagged web requests grouped by domain.
Top Domains Usage The amount of web requests per top domain.
Top Hostnames (by requests) The number of web requests grouped by hostname.
Top Hostnames (by size) The sum of the size of requested web content grouped by hostname.
Top Flagged Hostnames The number of flagged web request grouped by hostname.
Top Clients (by requests) The number of web requests grouped by client.
Top Clients (by size) The sum of the size of requested web content grouped by client.
Top Flagged Clients The number of flagged web request grouped by client.
Top Usernames (by requests) The number of web requests grouped by username.
Top Usernames (by size) The sum of the size of requested web content grouped by username.
Top Flagged Usernames The number of flagged web request grouped by username.
Top Content (by request) The number of web requests grouped by category.
Top Categories (by size) The sum of the size of requested web content grouped by category.
All Web Events Shows all scanned web requests.
Flagged Web Events Shows all flagged web requests.
All HTTP Events Shows all scanned unencrypted HTTP requests.
All HTTPS Events Shows all encrypted HTTPS requests.
All Query Events Shows all search querires processed by Web Monitor.

<section end='Web Monitor' />


Web Cache Reports

<section begin='Web Cache' />

Report Entry Description
Web Cache Summary A summary of Web Cache actions.
Cache Hit/Miss Statistics The number of cache hits, misses, and sessions bypassed over time.
Cache Size Statistics The amount of cached and uncached web data over time.
Web Cache Events All HTTP events processed by Web Cache.

<section end='Web Cache' />


IPsec VPN Reports

<section begin='IPsec VPN' />

Report Entry Description
IPsec VPN Summary A summary of IPsec VPN actions.
Hourly Tunnel Traffic The amount of IPsec tunnel traffic over time.
Top Tunnel Traffic The amount of traffic for each IPsec tunnel.
Top Active Users The top IPsec VPN users by number of sessions.
Top Download Users The top IPsec users grouped by amount of data downloaded.
Top Upload Users The top IPsec users grouped by amount of data uploaded.
Top Protocols The top IPsec VPN connections by protocol.
L2TP/Xauth Events Shows all user L2TP/Xauth events.
Tunnel Traffic Events Shows all IPsec tunnel traffic statistics events.

<section end='IPsec VPN' />


Intrusion Prevention Reports

<section begin='Intrusion Prevention' />

Report Entry Description
Intrusion Prevention Summary A summary of intrusion detection and prevention actions.
Intrusion Detection (all) The amount of detected and blocked intrusions over time.
Intrusion Detection (logged) The amount of detected pintrusions over time.
Intrusion Detection (blocked) The amount of blocked intrusions over time.
Top Rules (logged) The number of intrusions detected grouped by rule.
Top Rules (blocked) The number of intrusions blocked by rule.
Top Classtypes (logged) The number of intrusions detected grouped by classtype.
Top Classtypes (blocked) The number of intrusions blocked by classtype.
Top Categories (logged) The number of intrusions detected grouped by category.
Top Categories (blocked) The number of intrusions blocked by category.
Top Source IP Addresses (logged) The number of intrusions detected grouped by source IP address.
Top Source IP Addresses (blocked) The number of intrusions blocked by source IP address.
Top Source Ports (logged) The number of intrusions detected grouped by source port.
Top Source Port (blocked) The number of intrusions blocked by source port.
Top Destination IP Addresses (logged) The number of intrusions detected grouped by destination IP address.
Top Destination IP Addresses (blocked) The number of intrusions blocked by destination IP address.
Top Destination Ports (logged) The number of intrusions detected grouped by destination port.
Top Destination Port (blocked) The number of intrusions blocked by destination port.
Top Protocols (logged) The number of intrusions detected grouped by protocol.
Top Protocols (blocked) The number of intrusions blocked by protocol.
All Events All sessions scanned by Intrusion Prevention.
Blocked Events All sessions matching Intrusion Prevention signatures and blocked.

<section end='Intrusion Prevention' />


Reports Reports

<section begin='Reports' />

Report Entry Description
Alerts Alerts over time.
Top Alerts The top alerts.
Alert Events Log of all alerts created by alert rules.

<section end='Reports' />


Bandwidth Control Reports

<section begin='Bandwidth Control' />

Report Entry Description
Bandwidth Control Summary A summary of Bandwidth Control actions.
Bandwidth Usage The approximate averaged data transfer rate (total, sent, received) over time.
Top Hostnames Usage The bandwidth usage of the top hostnames.
Top Hostnames (by total bytes) The sum of the data transferred grouped by hostname.
Top Hostnames (by received bytes) The sum of the received data grouped by hostname.
Top Hostnames (by sent bytes) The sum of the sent data grouped by hostname.
Top Clients Usage The bandwidth usage of the top clients.
Top Clients (by total bytes) The sum of the data transferred grouped by client address.
Top Usernames Usage The bandwidth usage of the top usernames.
Top Usernames (by total bytes) The sum of the data transferred grouped by username.
Top Server Port Usage The bandwidth usage by top server port.
Top Ports (by total bytes) The sum of the data transferred grouped by server port.
Top Ports (by received bytes) The sum of the data received grouped by server port.
Top Ports (by sent bytes) The sum of the data sent grouped by server port.
Top Applications Usage The bandwidth usage of the top applications.
Top Application (by total bytes) The sum of the data transferred grouped by Application Control application.
Top Application (by received bytes) The sum of the data sent grouped by Application Control application.
Top Application (by sent bytes) The sum of the data sent grouped by Application Control application.
Top Categories Usage The bandwidth usage of the top application categories.
Top Category (by total bytes) The sum of the data transferred grouped by Application Control category.
Top Priorities Usage The bandwidth usage by priority.
Top Priorities (by total bytes) The sum of the data transferred grouped by priority.
Top Countries Usage The bandwidth usage by top countries.
Top Countries (by total bytes) The sum of the data transferred grouped by country.
Bypassed (by total bytes) The sum of the data transferred grouped by bypassed.
All Sessions All sessions processed by Bandwidth Control.
Prioritized Sessions All sessions prioritized by Bandwidth Control.

<section end='Bandwidth Control' />


Directory Connector Reports

<section begin='Directory Connector' />

Report Entry Description
Directory Connector Summary A summary of Directory Connector actions.
User Notification API Events The amount of login, update and logout user notification API events over time.
AD Events Events from the user notification API.

<section end='Directory Connector' />


Hosts Reports

<section begin='Hosts' />

Report Entry Description
Hosts Active The amount of active hosts by time.
Hosts Additions The amount of hosts add and removed from the host table over time.
Hosts Updates The number of updates to the host table over time.
Hosts Events All updates to hosts in the host table.
Quota Events Shows when quotas are assigned or expired.
Penalty Box Events Shows when hosts are placed in the penalty box and when the penalty box expires.

<section end='Hosts' />


Devices Reports

<section begin='Devices' />

Report Entry Description
Devices Additions The amount of devices add and removed from the device table over time.
Devices Updates The number of updates to the device table over time.
Devices Events All updates to devices in the device table.

<section end='Devices' />


Web Filter Reports

<section begin='Web Filter' />

Report Entry Description
Web Filter Summary A summary of web filter actions.
Web Usage The amount of total, flagged, and blocked web requests over time.
Web Usage (scanned) The amount of total, flagged, and blocked web requests over time.
Web Usage (flagged) The amount of flagged, and blocked web requests over time.
Web Usage (blocked) The amount of flagged, and blocked web requests over time.
Top Categories (by request) The number of web requests grouped by category.
Top Categories (by size) The sum of the size of requested web content grouped by category.
Top Flagged Categories The number of flagged web requests grouped by category.
Top Blocked Categories The number of blocked web requests grouped by category.
Top Sites (by request) The number of web requests grouped by website.
Top Sites (by size) The sum of the size of requested web content grouped by website.
Top Flagged Sites The number of flagged web requests grouped by website.
Top Blocked Sites The number of blocked web requests grouped by website.
Top Domains (by request) The number of web requests grouped by domain.
Top Domains (by size) The sum of the size of requested web content grouped by domain.
Top Flagged Domains The number of flagged web requests grouped by domain.
Top Blocked Domains The number of blocked web requests grouped by domain.
Top Domains Usage The amount of web requests per top domain.
Top Hostnames (by requests) The number of web requests grouped by hostname.
Top Hostnames (by size) The sum of the size of requested web content grouped by hostname.
Top Flagged Hostnames The number of flagged web request grouped by hostname.
Top Blocked Hostnames The number of blocked web request grouped by hostname.
Top Clients (by requests) The number of web requests grouped by client.
Top Clients (by size) The sum of the size of requested web content grouped by client.
Top Flagged Clients The number of flagged web request grouped by client.
Top Blocked Clients The number of blocked web request grouped by client.
Top Usernames (by requests) The number of web requests grouped by username.
Top Usernames (by size) The sum of the size of requested web content grouped by username.
Top Flagged Usernames The number of flagged web request grouped by username.
Top Blocked Usernames The number of blocked web request grouped by username.
Top Content (by request) The number of web requests grouped by category.
Top Categories (by size) The sum of the size of requested web content grouped by category.
All Web Events Shows all scanned web requests.
Flagged Web Events Shows all flagged web requests.
Blocked Web Events Shows all blocked web requests.
All HTTP Events Shows all scanned unencrypted HTTP requests.
All HTTPS Events Shows all encrypted HTTPS requests.
Unblocked Web Events Shows all unblocked web requests
All Query Events Shows all search querires processed by Web Filter.

<section end='Web Filter' />


Virus Blocker Reports

<section begin='Virus Blocker' />

Report Entry Description
Virus Blocker Web Summary A summary of virus blocking actions for web activity.
Virus Blocker FTP Summary A summary of virus blocking actions for FTP activity.
Virus Blocker Email Summary A summary of virus blocking actions for Email activity.
Web Usage (all) The amount of scanned and blocked web requests over time.
Web Usage (scanned) The amount of scanned web requests over time.
Web Usage (blocked) The amount of blocked web requests over time.
Web Top Blocked Viruses The top web virus blocked.
Web Top Blocked Clients The top web clients by blocked virus count.
Web Top Blocked Sites The top web sites by blocked virus count.
Web Top Scanned Sites The top web sites by scan count.
FTP Usage (all) The amount of scanned and blocked FTP requests over time.
FTP Usage (scanned) The amount of scanned FTP requests over time.
FTP Usage (blocked) The amount of blocked FTP requests over time.
FTP Top Blocked Viruses The number of blocked viruses by FTP activity.
FTP Top Blocked Clients The number of clients with blocked viruses by FTP activity.
FTP Top Blocked Sites The number of clients with blocked viruses by FTP activity.
Email Usage (all) The amount of scanned and blocked email over time.
Email Usage (scanned) The amount of scanned email over time.
Email Usage (blocked) The amount of blocked email over time.
Email Top Blocked Viruses The number of blocked viruses by Email activity.
Email Top Blocked Clients The number of clients with blocked viruses by Email activity.
Email Top Blocked Sites The number of clients with blocked viruses by Email activity.
Scanned Web Events All HTTP sessions scanned by Virus Blocker.
Infected Web Events Infected HTTP sessions blocked by Virus Blocker.
Clean Web Events Scanned HTTP sessions marked clean.
Scanned Email Events All email sessions scanned by Virus Blocker.
Infected Email Events Infected email sessions blocked by Virus Blocker.
Clean Email Events Scanned email sessions marked clean.
Scanned Ftp Events All FTP sessions scanned by Virus Blocker.
Infected Ftp Events Infected FTP sessions blocked by Virus Blocker.
Clean Ftp Events Scanned FTP sessions marked clean.

<section end='Virus Blocker' />


Virus Blocker Lite Reports

<section begin='Virus Blocker Lite' />

Report Entry Description
Virus Blocker Lite Web Summary A summary of virus blocking actions for web activity.
Virus Blocker Lite FTP Summary A summary of virus blocking actions for FTP activity.
Virus Blocker Lite Email Summary A summary of virus blocking actions for Email activity.
Web Usage (all) The amount of scanned and blocked web requests over time.
Web Usage (scanned) The amount of scanned web requests over time.
Web Usage (blocked) The amount of blocked web requests over time.
Web Top Blocked Viruses The top web virus blocked.
Web Top Blocked Clients The top web clients by blocked virus count.
Web Top Blocked Sites The top web sites by blocked virus count.
Web Top Scanned Sites The top web sites by scan count.
FTP Usage (all) The amount of scanned and blocked FTP requests over time.
FTP Usage (scanned) The amount of scanned FTP requests over time.
FTP Usage (blocked) The amount of blocked FTP requests over time.
FTP Top Blocked Viruses The number of blocked viruses by FTP activity.
FTP Top Blocked Clients The number of clients with blocked viruses by FTP activity.
FTP Top Blocked Sites The number of clients with blocked viruses by FTP activity.
Email Usage (all) The amount of scanned and blocked email over time.
Email Usage (scanned) The amount of scanned email over time.
Email Usage (blocked) The amount of blocked email over time.
Email Top Blocked Viruses The number of blocked viruses by Email activity.
Email Top Blocked Clients The number of clients with blocked viruses by Email activity.
Email Top Blocked Sites The number of clients with blocked viruses by Email activity.
Scanned Web Events All HTTP sessions scanned by Virus Blocker Lite.
Infected Web Events Infected HTTP sessions blocked by Virus Blocker Lite.
Clean Web Events Scanned HTTP sessions marked clean.
Scanned Email Events All email sessions scanned by Virus Blocker Lite.
Infected Email Events Infected email sessions blocked by Virus Blocker Lite.
Clean Email Events Scanned email sessions marked clean.
Scanned Ftp Events All FTP sessions scanned by Virus Blocker Lite.
Infected Ftp Events Infected FTP sessions blocked by Virus Blocker Lite.
Clean Ftp Events Scanned FTP sessions marked clean.

<section end='Virus Blocker Lite' />


Shield Reports

<section begin='Shield' />

Report Entry Description
Scanned Sessions The amount of scanned and blocked sessions over time.
Blocked Sessions The amount of blocked sessions over time.
Top Blocked Clients The number of blocked sessions grouped by client.
Top Blocked Usernames The number of blocked sessions grouped by username.
Top Blocked Hostnames The number of blocked sessions grouped by hostname.
Scanned Session Events All sessions scanned by Shield.
Blocked Session Events All sessions blocked by Shield.

<section end='Shield' />


Firewall Reports

<section begin='Firewall' />

Report Entry Description
Firewall Summary A summary of firewall actions.
Scanned Sessions The amount of scanned, flagged, and blocked sessions over time.
Top Scanned Hostnames The number of scanned session grouped by hostname.
Top Flagged Hostnames The number of flagged session grouped by hostname.
Top Blocked Hostnames The number of blocked sessions grouped by hostname.
Top Scanned Clients The number of scanned session grouped by client.
Top Flagged Clients The number of flagged session grouped by client.
Top Blocked Clients The number of flagged session grouped by client.
Top Scanned Usernames The number of scanned session grouped by username.
Top Flagged Usernames The number of flagged session grouped by username.
Top Blocked Usernames The number of flagged session grouped by username.
Top Scanned Server Ports The number of scanned session grouped by server (destination) port.
Top Flagged Server Ports The number of flagged session grouped by server (destination) port.
Top Blocked Server Ports The number of flagged session grouped by server (destination) port.
All Events All events scanned by Firewall App.
Flagged Events Events flagged by Firewall App.
Blocked Events Events blocked by Firewall App.

<section end='Firewall' />


Web Filter Lite Reports

<section begin='Web Filter Lite' />

Report Entry Description
Web Filter Lite Summary A summary of web filter lite actions.
Web Usage The amount of total, flagged, and blocked web requests over time.
Web Usage (scanned) The amount of total, flagged, and blocked web requests over time.
Web Usage (flagged) The amount of flagged, and blocked web requests over time.
Web Usage (blocked) The amount of flagged, and blocked web requests over time.
Top Categories (by request) The number of web requests grouped by category.
Top Categories (by size) The sum of the size of requested web content grouped by category.
Top Flagged Categories The number of flagged web requests grouped by category.
Top Blocked Categories The number of blocked web requests grouped by category.
Top Sites (by request) The number of web requests grouped by website.
Top Sites (by size) The sum of the size of requested web content grouped by website.
Top Flagged Sites The number of flagged web requests grouped by website.
Top Blocked Sites The number of blocked web requests grouped by website.
Top Domains (by request) The number of web requests grouped by domain.
Top Domains (by size) The sum of the size of requested web content grouped by domain.
Top Flagged Domains The number of flagged web requests grouped by domain.
Top Blocked Domains The number of blocked web requests grouped by domain.
Top Hostnames (by requests) The number of web requests grouped by hostname.
Top Hostnames (by size) The sum of the size of requested web content grouped by hostname.
Top Flagged Hostnames The number of flagged web request grouped by hostname.
Top Blocked Hostnames The number of blocked web request grouped by hostname.
Top Clients (by requests) The number of web requests grouped by client.
Top Clients (by size) The sum of the size of requested web content grouped by client.
Top Flagged Clients The number of flagged web request grouped by client.
Top Blocked Clients The number of blocked web request grouped by client.
Top Usernames (by requests) The number of web requests grouped by username.
Top Usernames (by size) The sum of the size of requested web content grouped by username.
Top Flagged Usernames The number of flagged web request grouped by username.
Top Blocked Usernames The number of blocked web request grouped by username.
All Web Events Shows all scanned web requests.
Flagged Web Events Shows all flagged web requests.
Blocked Web Events Shows all blocked web requests.
Unblocked Web Events Shows all unblocked web requests

<section end='Web Filter Lite' />


OpenVPN Reports

<section begin='OpenVPN' />

Report Entry Description
OpenVPN Summary A summary of OpenVPN actions.
OpenVPN Bandwidth Usage The approximate amount of data transfered over openvpn connections.
OpenVPN Events The amount of login and logout events over time.
OpenVPN Sessions The amount of openvpn sessions over time.
Top Clients (by usage) The number of bytes transferred grouped by remote client.
Connection Events OpenVPN client connection events.
Statistic Events Shows all OpenVPN connection traffic statistics events.

<section end='OpenVPN' />


WAN Failover Reports

<section begin='WAN Failover' />

Report Entry Description
WAN Failover Summary A summary of WAN Failover actions.
WAN Disconnect Events The number of disconnect events grouped by WAN.
Outage Events Events where the failure threshold was exceeded and the WAN was considered offline.
Test Events All test events and their outcome.
Failed Test Events All tests that resulted in failure.
Success Test Events All tests that resulted in success.

<section end='WAN Failover' />