Difference between revisions of "All Reports"

From UntangleWiki
Jump to: navigation, search
(Threat Prevention Reports)
Line 23: Line 23:
 
| width="25%" | Passed Session Events
 
| width="25%" | Passed Session Events
 
| width="60%" | Sessions matching passed hosts.
 
| width="60%" | Sessions matching passed hosts.
 +
|-
 +
| width="25%" | Captured Session Events
 +
| width="60%" | Sessions matching capture rules.
 
|-
 
|-
 
| width="25%" | All User Events
 
| width="25%" | All User Events
 
| width="60%" | All user sessions processed by Captive Portal.
 
| width="60%" | All user sessions processed by Captive Portal.
|-
 
| width="25%" | Captured Session Events
 
| width="60%" | Sessions matching capture rules.
 
 
|-
 
|-
 
| width="25%" | Login Success User Events
 
| width="25%" | Login Success User Events
Line 85: Line 85:
 
| width="25%" | Network Summary
 
| width="25%" | Network Summary
 
| width="60%" | A summary of network traffic.
 
| width="60%" | A summary of network traffic.
 +
|-
 +
| width="25%" | Data Usage (by interface)
 +
| width="60%" | The total data usage by interface.
 +
|-
 +
| width="25%" | Data Usage per Day (by interface)
 +
| width="60%" | The data usage of each interface by day
 +
|-
 +
| width="25%" | Data Rx-Usage (by interface)
 +
| width="60%" | The total received data usage by interface.
 +
|-
 +
| width="25%" | Data Tx-Usage (by interface)
 +
| width="60%" | The total received data usage by interface.
 
|-
 
|-
 
| width="25%" | Sessions
 
| width="25%" | Sessions
Line 103: Line 115:
 
| width="25%" | Top Server Addresses
 
| width="25%" | Top Server Addresses
 
| width="60%" | The number of sessions grouped by server (destination) address.
 
| width="60%" | The number of sessions grouped by server (destination) address.
 +
|-
 +
| width="25%" | Top Server Ports
 +
| width="60%" | The number of sessions grouped by server (destination) port.
 
|-
 
|-
 
| width="25%" | Top IP Protocols
 
| width="25%" | Top IP Protocols
 
| width="60%" | The number of sessions grouped by IP protocol number.
 
| width="60%" | The number of sessions grouped by IP protocol number.
|-
 
| width="25%" | Top Server Ports
 
| width="60%" | The number of sessions grouped by server (destination) port.
 
 
|-
 
|-
 
| width="25%" | Top Server Countries
 
| width="25%" | Top Server Countries
Line 163: Line 175:
  
  
== Bandwidth Control Reports ==  
+
== System Reports ==  
<section begin='Bandwidth Control' />
+
<section begin='System' />
 
{| border="1" cellpadding="2" width="85%%" align="center"  
 
{| border="1" cellpadding="2" width="85%%" align="center"  
 
!Report Entry
 
!Report Entry
 
!Description
 
!Description
 
|-
 
|-
| width="25%" | Bandwidth Control Summary
+
| width="25%" | CPU Load
| width="60%" | A summary of Bandwidth Control actions.
+
| width="60%" | The CPU load over time.
 
|-
 
|-
| width="25%" | Bandwidth Usage
+
| width="25%" | Disk Usage
| width="60%" | The approximate averaged data transfer rate (total, sent, received) over time.
+
| width="60%" | The disk utilization over time.
 
|-
 
|-
| width="25%" | Top Hostnames Usage
+
| width="25%" | Memory Usage
| width="60%" | The bandwidth usage of the top hostnames.
+
| width="60%" | The amount of free memory over time.
 
|-
 
|-
| width="25%" | Top Hostnames (by total bytes)
+
| width="25%" | Swap Usage
| width="60%" | The sum of the data transferred grouped by hostname.
+
| width="60%" | The swap utilization over time as a percent of total swap size .
 
|-
 
|-
| width="25%" | Top Hostnames (by received bytes)
+
| width="25%" | Swap Usage Bytes
| width="60%" | The sum of the received data grouped by hostname.
+
| width="60%" | The swap utilization over time.
 
|-
 
|-
| width="25%" | Top Hostnames (by sent bytes)
+
| width="25%" | Highest Active Hosts
| width="60%" | The sum of the sent data grouped by hostname.
+
| width="60%" | The highest number of active hosts.
 
|-
 
|-
| width="25%" | Top Clients Usage
+
| width="25%" | Server Status Events
| width="60%" | The bandwidth usage of the top clients.
+
| width="60%" | All system status events.
 
|-
 
|-
| width="25%" | Top Clients (by total bytes)
+
|}
| width="60%" | The sum of the data transferred grouped by client address.
+
<section end='System' />
|-
+
 
| width="25%" | Top Usernames Usage
+
 
| width="60%" | The bandwidth usage of the top usernames.
+
== Application Control Lite Reports ==
 +
<section begin='Application Control Lite' />
 +
{| border="1" cellpadding="2" width="85%%" align="center"  
 +
!Report Entry
 +
!Description
 
|-
 
|-
| width="25%" | Top Usernames (by total bytes)
+
| width="25%" | Application Control Lite Summary
| width="60%" | The sum of the data transferred grouped by username.
+
| width="60%" | A summary of Application Control Lite actions.
 
|-
 
|-
| width="25%" | Top Server Port Usage
+
| width="25%" | Detection Statistics
| width="60%" | The bandwidth usage by top server port.
+
| width="60%" | The number of logged and blocked sessions over time.
 
|-
 
|-
| width="25%" | Top Ports (by total bytes)
+
| width="25%" | Top Blocked Protocols
| width="60%" | The sum of the data transferred grouped by server port.
+
| width="60%" | The top blocked sessions by protocol.
 
|-
 
|-
| width="25%" | Top Ports (by received bytes)
+
| width="25%" | Top Logged Protocols
| width="60%" | The sum of the data received grouped by server port.
+
| width="60%" | The top logged sessions by protocol.
 
|-
 
|-
| width="25%" | Top Ports (by sent bytes)
+
| width="25%" | Top Blocked Hosts
| width="60%" | The sum of the data sent grouped by server port.
+
| width="60%" | The top blocked sessions by host.
 
|-
 
|-
| width="25%" | Top Applications Usage
+
| width="25%" | Top Logged Hosts
| width="60%" | The bandwidth usage of the top applications.
+
| width="60%" | The top logged sessions by host.
 
|-
 
|-
| width="25%" | Top Application (by total bytes)
+
| width="25%" | Top Blocked Users
| width="60%" | The sum of the data transferred grouped by Application Control application.
+
| width="60%" | The top blocked sessions by user.
 
|-
 
|-
| width="25%" | Top Application (by received bytes)
+
| width="25%" | Top Logged Users
| width="60%" | The sum of the data sent grouped by Application Control application.
+
| width="60%" | The top logged sessions by user.
 
|-
 
|-
| width="25%" | Top Application (by sent bytes)
+
| width="25%" | All Events
| width="60%" | The sum of the data sent grouped by Application Control application.
+
| width="60%" | All sessions scanned by Application Control Lite.
 
|-
 
|-
| width="25%" | Top Categories Usage
+
| width="25%" | Blocked Events
| width="60%" | The bandwidth usage of the top application categories.
+
| width="60%" | All sessions matching an application signature and blocked.
 
|-
 
|-
| width="25%" | Top Category (by total bytes)
+
|}
| width="60%" | The sum of the data transferred grouped by Application Control category.
+
<section end='Application Control Lite' />
|-
+
 
| width="25%" | Top Priorities Usage
+
 
| width="60%" | The bandwidth usage by priority.
+
== Spam Blocker Lite Reports ==
 +
<section begin='Spam Blocker Lite' />
 +
{| border="1" cellpadding="2" width="85%%" align="center"  
 +
!Report Entry
 +
!Description
 
|-
 
|-
| width="25%" | Top Priorities (by total bytes)
+
| width="25%" | Spam Blocker Lite Summary
| width="60%" | The sum of the data transferred grouped by priority.
+
| width="60%" | A summary of spam blocking actions for email activity.
 
|-
 
|-
| width="25%" | Top Countries Usage
+
| width="25%" | Email Usage (all)
| width="60%" | The bandwidth usage by top countries.
+
| width="60%" | The amount of scanned, clean, and spam email over time.
 
|-
 
|-
| width="25%" | Top Countries (by total bytes)
+
| width="25%" | Email Usage (scanned)
| width="60%" | The sum of the data transferred grouped by country.
+
| width="60%" | The amount of scanned email over time.
 
|-
 
|-
| width="25%" | Bypassed (by total bytes)
+
| width="25%" | Email Usage (clean)
| width="60%" | The sum of the data transferred grouped by bypassed.
+
| width="60%" | The amount of clean email over time.
 
|-
 
|-
| width="25%" | All Sessions
+
| width="25%" | Email Usage (spam)
| width="60%" | All sessions processed by Bandwidth Control.
+
| width="60%" | The amount of spam email over time.
 +
|-
 +
| width="25%" | Spam Ratio
 +
| width="60%" | The ratio of spam (true) to ham (false)
 +
|-
 +
| width="25%" | Top Spam Recipients
 +
| width="60%" | The number of email addresses with spam.
 +
|-
 +
| width="25%" | Top Spam Sender Addresses
 +
| width="60%" | The number of IP addresses sending spam.
 +
|-
 +
| width="25%" | All Email Events
 +
| width="60%" | All emails scanned by Spam Blocker.
 +
|-
 +
| width="25%" | All Spam Events
 +
| width="60%" | All emails marked as Spam.
 
|-
 
|-
| width="25%" | Quota Events
+
| width="25%" | Quarantined Events
| width="60%" | Shows when quotas are assigned or expired.
+
| width="60%" | All emails marked as Spam and quarantined.
 
|-
 
|-
| width="25%" | Prioritized Sessions
+
| width="25%" | Tarpit Events
| width="60%" | All sessions prioritized by Bandwidth Control.
+
| width="60%" | All email sessions that were tarpitted.
 
|-
 
|-
 
|}
 
|}
<section end='Bandwidth Control' />
+
<section end='Spam Blocker Lite' />
  
  
== Application Control Lite Reports ==  
+
== Phish Blocker Reports ==  
<section begin='Application Control Lite' />
+
<section begin='Phish Blocker' />
 
{| border="1" cellpadding="2" width="85%%" align="center"  
 
{| border="1" cellpadding="2" width="85%%" align="center"  
 
!Report Entry
 
!Report Entry
 
!Description
 
!Description
 
|-
 
|-
| width="25%" | Application Control Lite Summary
+
| width="25%" | Phish Blocker Summary
| width="60%" | A summary of Application Control Lite actions.
+
| width="60%" | A summary of phish blocking actions for email activity.
 
|-
 
|-
| width="25%" | Detection Statistics
+
| width="25%" | Email Usage (all)
| width="60%" | The number of logged and blocked sessions over time.
+
| width="60%" | The amount of scanned, clean, and phish email over time.
 
|-
 
|-
| width="25%" | Top Blocked Protocols
+
| width="25%" | Email Usage (scanned)
| width="60%" | The top blocked sessions by protocol.
+
| width="60%" | The amount of scanned email over time.
 
|-
 
|-
| width="25%" | Top Logged Protocols
+
| width="25%" | Email Usage (clean)
| width="60%" | The top logged sessions by protocol.
+
| width="60%" | The amount of clean email over time.
 
|-
 
|-
| width="25%" | Top Blocked Hosts
+
| width="25%" | Email Usage (phish)
| width="60%" | The top blocked sessions by host.
+
| width="60%" | The amount of phish email over time.
 
|-
 
|-
| width="25%" | Top Logged Hosts
+
| width="25%" | Phish Ratio
| width="60%" | The top logged sessions by host.
+
| width="60%" | The ratio of phish (true) to ham (false)
 
|-
 
|-
| width="25%" | Top Blocked Users
+
| width="25%" | Top Phish Recipients
| width="60%" | The top blocked sessions by user.
+
| width="60%" | The number of email addresses with phish.
 +
|-
 +
| width="25%" | Top Phish Sender Addresses
 +
| width="60%" | The number of IP addresses sending phish.
 
|-
 
|-
| width="25%" | Top Logged Users
+
| width="25%" | All Email Events
| width="60%" | The top logged sessions by user.
+
| width="60%" | All email sessions scanned by Phish Blocker.
 
|-
 
|-
| width="25%" | All Events
+
| width="25%" | All Phish Events
| width="60%" | All sessions scanned by Application Control Lite.
+
| width="60%" | All email sessions detected as phishing attempts.
 
|-
 
|-
| width="25%" | Blocked Events
+
| width="25%" | Quarantined Events
| width="60%" | All sessions matching an application signature and blocked.
+
| width="60%" | All email sessions detected as phishing attempts and quarantined.
 
|-
 
|-
 
|}
 
|}
<section end='Application Control Lite' />
+
<section end='Phish Blocker' />
  
  
== Spam Blocker Lite Reports ==  
+
== Tunnel VPN Reports ==  
<section begin='Spam Blocker Lite' />
+
<section begin='Tunnel VPN' />
 
{| border="1" cellpadding="2" width="85%%" align="center"  
 
{| border="1" cellpadding="2" width="85%%" align="center"  
 
!Report Entry
 
!Report Entry
 
!Description
 
!Description
 
|-
 
|-
| width="25%" | Spam Blocker Lite Summary
+
| width="25%" | Tunnel VPN Summary
| width="60%" | A summary of spam blocking actions for email activity.
+
| width="60%" | A summary of Tunnel VPN traffic.
 
|-
 
|-
| width="25%" | Email Usage (all)
+
| width="25%" | Hourly Tunnel Traffic
| width="60%" | The amount of scanned, clean, and spam email over time.
+
| width="60%" | The amount of Tunnel VPN traffic over time.
 
|-
 
|-
| width="25%" | Email Usage (scanned)
+
| width="25%" | Top Tunnel Traffic
| width="60%" | The amount of scanned email over time.
+
| width="60%" | The amount of traffic for each Tunnel VPN tunnel.
 
|-
 
|-
| width="25%" | Email Usage (clean)
+
| width="25%" | Connection Events
| width="60%" | The amount of clean email over time.
+
| width="60%" | Shows all Tunnel VPN connection events.
 
|-
 
|-
| width="25%" | Email Usage (spam)
+
| width="25%" | Tunnel Stat Events
| width="60%" | The amount of spam email over time.
+
| width="60%" | Shows all Tunnel VPN traffic statistics events.
 
|-
 
|-
| width="25%" | Top Spam Recipients
+
|}
| width="60%" | The number of email addresses with spam.
+
<section end='Tunnel VPN' />
 +
 
 +
 
 +
== Events Reports ==
 +
<section begin='Events' />
 +
{| border="1" cellpadding="2" width="85%%" align="center"  
 +
!Report Entry
 +
!Description
 
|-
 
|-
| width="25%" | Spam Ratio
+
| width="25%" | Alerts
| width="60%" | The ratio of spam (true) to ham (false)
+
| width="60%" | Alerts over time.
 
|-
 
|-
| width="25%" | Top Spam Sender Addresses
+
| width="25%" | Top Alerts
| width="60%" | The number of IP addresses sending spam.
+
| width="60%" | The top alerts.
 
|-
 
|-
| width="25%" | All Email Events
+
| width="25%" | Alert Events
| width="60%" | All emails scanned by Spam Blocker.
+
| width="60%" | Log of all alerts created by alert rules.
|-
 
| width="25%" | All Spam Events
 
| width="60%" | All emails marked as Spam.
 
|-
 
| width="25%" | Quarantined Events
 
| width="60%" | All emails marked as Spam and quarantined.
 
|-
 
| width="25%" | Tarpit Events
 
| width="60%" | All email sessions that were tarpitted.
 
 
|-
 
|-
 
|}
 
|}
<section end='Spam Blocker Lite' />
+
<section end='Events' />
  
  
== Phish Blocker Reports ==  
+
== Users Reports ==  
<section begin='Phish Blocker' />
+
<section begin='Users' />
 
{| border="1" cellpadding="2" width="85%%" align="center"  
 
{| border="1" cellpadding="2" width="85%%" align="center"  
 
!Report Entry
 
!Report Entry
 
!Description
 
!Description
 
|-
 
|-
| width="25%" | Phish Blocker Summary
+
| width="25%" | Users Events
| width="60%" | A summary of phish blocking actions for email activity.
+
| width="60%" | All updates to users in the user table.
 
|-
 
|-
| width="25%" | Email Usage (all)
+
|}
| width="60%" | The amount of scanned, clean, and phish email over time.
+
<section end='Users' />
 +
 
 +
 
 +
== Policy Manager Reports ==
 +
<section begin='Policy Manager' />
 +
{| border="1" cellpadding="2" width="85%%" align="center"  
 +
!Report Entry
 +
!Description
 
|-
 
|-
| width="25%" | Email Usage (scanned)
+
| width="25%" | Policy Manager Summary
| width="60%" | The amount of scanned email over time.
+
| width="60%" | A summary of Policy Manager actions.
 
|-
 
|-
| width="25%" | Email Usage (clean)
+
| width="25%" | Top Policy Usage
| width="60%" | The amount of clean email over time.
+
| width="60%" | The amount of bandwidth per policy.
 
|-
 
|-
| width="25%" | Email Usage (phish)
+
| width="25%" | Sessions By Policy
| width="60%" | The amount of phish email over time.
+
| width="60%" | The number of sessions for each policy.
 
|-
 
|-
| width="25%" | Top Phish Recipients
+
| width="25%" | Traffic By Policy
| width="60%" | The number of email addresses with phish.
+
| width="60%" | The amount of traffic for each policy.
 
|-
 
|-
| width="25%" | Phish Ratio
+
| width="25%" | All Events
| width="60%" | The ratio of phish (true) to ham (false)
+
| width="60%" | Lists all sessions with the policy manager rack that handled the session.
|-
 
| width="25%" | Top Phish Sender Addresses
 
| width="60%" | The number of IP addresses sending phish.
 
|-
 
| width="25%" | All Email Events
 
| width="60%" | All email sessions scanned by Phish Blocker.
 
|-
 
| width="25%" | All Phish Events
 
| width="60%" | All email sessions detected as phishing attempts.
 
|-
 
| width="25%" | Quarantined Events
 
| width="60%" | All email sessions detected as phishing attempts and quarantined.
 
 
|-
 
|-
 
|}
 
|}
<section end='Phish Blocker' />
+
<section end='Policy Manager' />
  
  
== Events Reports ==  
+
== Threat Prevention Reports ==  
<section begin='Events' />
+
<section begin='Threat Prevention' />
 
{| border="1" cellpadding="2" width="85%%" align="center"  
 
{| border="1" cellpadding="2" width="85%%" align="center"  
 
!Report Entry
 
!Report Entry
 
!Description
 
!Description
 
|-
 
|-
| width="25%" | Alerts
+
| width="25%" | Web Traffic Summary
| width="60%" | Alerts over time.
+
| width="60%" | A summary of web Threat Prevention actions.
 
|-
 
|-
| width="25%" | Syslog
+
| width="25%" | Non-Web Traffic Summary
| width="60%" | Syslog events over time.
+
| width="60%" | A summary of non-web Threat Prevention actions.
 
|-
 
|-
| width="25%" | Top Syslog Events
+
| width="25%" | Web Top Scanned Threats
| width="60%" | The top syslog events.
+
| width="60%" | The number of web scanned sessions to servers grouped by threat reputation.
 
|-
 
|-
| width="25%" | Top Alerts
+
| width="25%" | Web Top Blocked Threats
| width="60%" | The top alerts.
+
| width="60%" | The number of web blocked sessions to servers grouped by threats reputation.
 
|-
 
|-
| width="25%" | Alert Events
+
| width="25%" | Web Top Scanned Categories
| width="60%" | Log of all alerts created by alert rules.
+
| width="60%" | The number of other scanned sessions to servers grouped by threat.
 
|-
 
|-
| width="25%" | Syslog Events
+
| width="25%" | Web Top Blocked Categories
| width="60%" | Log of all events created by syslog rules.
+
| width="60%" | The number of web sessions blocked grouped by threat.
 
|-
 
|-
|}
+
| width="25%" | Web Top Blocked Countries
<section end='Events' />
+
| width="60%" | Top blocked web sessions to servers grouped by country.
 
 
 
 
== Ad Blocker Reports ==
 
<section begin='Ad Blocker' />
 
{| border="1" cellpadding="2" width="85%%" align="center"
 
!Report Entry
 
!Description
 
 
|-
 
|-
| width="25%" | Ad Blocker Summary
+
| width="25%" | Web Top Scanned Hosts
| width="60%" | A summary of ad blocker actions.
+
| width="60%" | The number of web scanned sessions grouped by server.
 
|-
 
|-
| width="25%" | Ads Blocked
+
| width="25%" | Web Top Blocked Hosts
| width="60%" | The amount of detected and blocked ads over time.
+
| width="60%" | The number of web blocked session grouped by client.
 
|-
 
|-
| width="25%" | Top Blocked Ad Sites
+
| width="25%" | Non-Web Top Scanned Threats (by client)
| width="60%" | The number of blocked ads grouped by website.
+
| width="60%" | The number of non-web scanned sessions from clients grouped by threat reputation.
 
|-
 
|-
| width="25%" | All Ad Events
+
| width="25%" | Non-Web Top Blocked Threats (by client)
| width="60%" | All HTTP requests scanned by Ad Blocker.
+
| width="60%" | The number of non-web blocked sessions from clients grouped by threat reputation.
 
|-
 
|-
| width="25%" | Blocked Ad Events
+
| width="25%" | Non-Web Top Scanned Threats (by server)
| width="60%" | HTTP requests blocked by Ad Blocker.
+
| width="60%" | The number of non-web scanned sessions to servers grouped by threat reputation.
 
|-
 
|-
| width="25%" | Blocked Cookie Events
+
| width="25%" | Non-Web Top Blocked Threats (by server)
| width="60%" | Requests blocked by cookie filters.
+
| width="60%" | The number of non-web blocked sessions to servers grouped by threat reputation.
 
|-
 
|-
|}
+
| width="25%" | Non-Web Top Scanned Categories (by client)
<section end='Ad Blocker' />
+
| width="60%" | The number of non-web scanned sessions from clients grouped by threat.
 
 
 
 
== Users Reports ==
 
<section begin='Users' />
 
{| border="1" cellpadding="2" width="85%%" align="center"
 
!Report Entry
 
!Description
 
 
|-
 
|-
| width="25%" | Users Events
+
| width="25%" | Non-Web Top Blocked Categories (by client)
| width="60%" | All updates to users in the user table.
+
| width="60%" | The number of non-web blocked sessions from clients grouped by threat.
 
|-
 
|-
|}
+
| width="25%" | Non-Web Top Scanned Categories (by server)
<section end='Users' />
+
| width="60%" | The number of non-web scanned sessions to servers grouped by threat.
 
 
 
 
== Policy Manager Reports ==
 
<section begin='Policy Manager' />
 
{| border="1" cellpadding="2" width="85%%" align="center"
 
!Report Entry
 
!Description
 
 
|-
 
|-
| width="25%" | Policy Manager Summary
+
| width="25%" | Non-Web Top Blocked Categories (by server)
| width="60%" | A summary of Policy Manager actions.
+
| width="60%" | The number of non-web blocked sessions to servers grouped by threat.
 
|-
 
|-
| width="25%" | Top Policy Usage
+
| width="25%" | Non-Web Top Blocked Countries (by client)
| width="60%" | The amount of bandwidth per policy.
+
| width="60%" | Top non-web blocked sessions from clients grouped by country.
 
|-
 
|-
| width="25%" | Sessions By Policy
+
| width="25%" | Non-Web Top Blocked Countries (by server)
| width="60%" | The number of sessions for each policy.
+
| width="60%" | Top non-web blocked sessions to servers grouped by threat.
 
|-
 
|-
| width="25%" | Traffic By Policy
+
| width="25%" | Non-Web Top Scanned Clients
| width="60%" | The amount of traffic for each policy.
+
| width="60%" | The number of non-web scanned session grouped by client.
 
|-
 
|-
| width="25%" | All Events
+
| width="25%" | Non-Web Top Blocked Clients
| width="60%" | Lists all sessions with the policy manager rack that handled the session.
+
| width="60%" | The number of non-web blocked session grouped by client.
 
|-
 
|-
|}
+
| width="25%" | Non-Web Top Scanned Servers
<section end='Policy Manager' />
+
| width="60%" | The number of non-web scanned sessions grouped by server.
 
 
 
 
== Directory Connector Reports ==
 
<section begin='Directory Connector' />
 
{| border="1" cellpadding="2" width="85%%" align="center"
 
!Report Entry
 
!Description
 
 
|-
 
|-
| width="25%" | Directory Connector Summary
+
| width="25%" | Non-Web Top Blocked Server
| width="60%" | A summary of Directory Connector actions.
+
| width="60%" | The number of non-web blocked session grouped by client.
 
|-
 
|-
| width="25%" | API Usage
+
| width="25%" | All Web Events
| width="60%" | The amount of login, update and logout user notification API events over time.
+
| width="60%" | Shows all scanned web requests.
 
|-
 
|-
| width="25%" | API Events
+
| width="25%" | Blocked Web Events
| width="60%" | Events from the user notification API.
+
| width="60%" | Shows all blocked web requests.
 +
|-
 +
| width="25%" | Non-Web All Events
 +
| width="60%" | All non-web events scanned by Threat Prevention.
 +
|-
 +
| width="25%" | Non-Web Blocked Events
 +
| width="60%" | Non-web events blocked by Threat Prevention.
 
|-
 
|-
 
|}
 
|}
<section end='Directory Connector' />
+
<section end='Threat Prevention' />
  
  
== WAN Balancer Reports ==  
+
== Ad Blocker Reports ==  
<section begin='WAN Balancer' />
+
<section begin='Ad Blocker' />
 
{| border="1" cellpadding="2" width="85%%" align="center"  
 
{| border="1" cellpadding="2" width="85%%" align="center"  
 
!Report Entry
 
!Report Entry
 
!Description
 
!Description
 
|-
 
|-
| width="25%" | WAN Balancer Summary
+
| width="25%" | Ad Blocker Summary
| width="60%" | A summary of WAN Balancer actions.
+
| width="60%" | A summary of ad blocker actions.
 
|-
 
|-
| width="25%" | Sessions By Interface
+
| width="25%" | Ads Blocked
| width="60%" | The number of sessions destined to each interface.
+
| width="60%" | The amount of detected and blocked ads over time.
 
|-
 
|-
| width="25%" | Bytes By Interface
+
| width="25%" | Top Blocked Ad Sites
 +
| width="60%" | The number of blocked ads grouped by website.
 +
|-
 +
| width="25%" | All Ad Events
 +
| width="60%" | All HTTP requests scanned by Ad Blocker.
 +
|-
 +
| width="25%" | Blocked Ad Events
 +
| width="60%" | HTTP requests blocked by Ad Blocker.
 +
|-
 +
| width="25%" | Blocked Cookie Events
 +
| width="60%" | Requests blocked by cookie filters.
 +
|-
 +
|}
 +
<section end='Ad Blocker' />
 +
 
 +
 
 +
== WAN Balancer Reports ==
 +
<section begin='WAN Balancer' />
 +
{| border="1" cellpadding="2" width="85%%" align="center"
 +
!Report Entry
 +
!Description
 +
|-
 +
| width="25%" | WAN Balancer Summary
 +
| width="60%" | A summary of WAN Balancer actions.
 +
|-
 +
| width="25%" | Sessions By Interface
 +
| width="60%" | The number of sessions destined to each interface.
 +
|-
 +
| width="25%" | Bytes By Interface
 
| width="60%" | The number of bytes destined to each interface.
 
| width="60%" | The number of bytes destined to each interface.
 
|-
 
|-
Line 538: Line 575:
 
| width="25%" | Email Usage (spam)
 
| width="25%" | Email Usage (spam)
 
| width="60%" | The amount of spam email over time.
 
| width="60%" | The amount of spam email over time.
 +
|-
 +
| width="25%" | Spam Ratio
 +
| width="60%" | The ratio of spam (true) to ham (false)
 
|-
 
|-
 
| width="25%" | Top Spam Recipients
 
| width="25%" | Top Spam Recipients
 
| width="60%" | The number of email addresses with spam.
 
| width="60%" | The number of email addresses with spam.
|-
 
| width="25%" | Spam Ratio
 
| width="60%" | The ratio of spam (true) to ham (false)
 
 
|-
 
|-
 
| width="25%" | Top Spam Sender Addresses
 
| width="25%" | Top Spam Sender Addresses
Line 564: Line 601:
  
  
== SSL Inspector Reports ==  
+
== IPsec VPN Reports ==  
<section begin='SSL Inspector' />
+
<section begin='IPsec VPN' />
 
{| border="1" cellpadding="2" width="85%%" align="center"  
 
{| border="1" cellpadding="2" width="85%%" align="center"  
 
!Report Entry
 
!Report Entry
 
!Description
 
!Description
 
|-
 
|-
| width="25%" | SSL Inspector Summary
+
| width="25%" | IPsec VPN Summary
| width="60%" | A summary of SSL Inspector actions.
+
| width="60%" | A summary of IPsec VPN actions.
 
|-
 
|-
| width="25%" | Sessions Scanned
+
| width="25%" | Hourly Tunnel Traffic
| width="60%" | The amount of SSL sessions over time.
+
| width="60%" | The amount of IPsec tunnel traffic over time.
 
|-
 
|-
| width="25%" | Sessions Inspected
+
| width="25%" | Top Tunnel Traffic
| width="60%" | The amount of inspected SSL sessions over time.
+
| width="60%" | The amount of traffic for each IPsec tunnel.
 
|-
 
|-
| width="25%" | Top Inspected Sites
+
| width="25%" | Top Active Users
| width="60%" | The number of inspected sessions grouped by site.
+
| width="60%" | The top IPsec VPN users by number of sessions.
 
|-
 
|-
| width="25%" | Top Ignored Sites
+
| width="25%" | Top Download Users
| width="60%" | The number of ignored sessions grouped by site.
+
| width="60%" | The top IPsec users grouped by amount of data downloaded.
 
|-
 
|-
| width="25%" | All Sessions
+
| width="25%" | Top Upload Users
| width="60%" | All sessions detected by SSL Inspector.
+
| width="60%" | The top IPsec users grouped by amount of data uploaded.
 
|-
 
|-
| width="25%" | Inspected Sessions
+
| width="25%" | Top Protocols
| width="60%" | Events where traffic was fully processed by the inspector, and all traffic was passed through all the other applications and services.
+
| width="60%" | The top IPsec VPN connections by protocol.
 
|-
 
|-
| width="25%" | Ignored Sessions
+
| width="25%" | L2TP/Xauth Events
| width="60%" | Events where traffic was not or could not be inspected, so the traffic was completely ignored and not analyzed by any applications or services.
+
| width="60%" | Shows all user L2TP/Xauth events.
 
|-
 
|-
| width="25%" | Blocked Sessions
+
| width="25%" | Tunnel Connection Events
| width="60%" | Events where traffic was blocked because it did not contain a valid SSL request, and the Block Invalid Traffic option was enabled.
+
| width="60%" | Shows all IPsec VPN tunnel connection events.
 
|-
 
|-
| width="25%" | Untrusted Sessions
+
| width="25%" | Tunnel Traffic Events
| width="60%" | Events where traffic was blocked because the server certificate could not be authenticated.
+
| width="60%" | Shows all IPsec tunnel traffic statistics events.
|-
 
| width="25%" | Abandoned Sessions
 
| width="60%" | Events where traffic was blocked due to an underlying problems with the SSL session.
 
 
|-
 
|-
 
|}
 
|}
<section end='SSL Inspector' />
+
<section end='IPsec VPN' />
  
  
== Application Control Reports ==  
+
== SSL Inspector Reports ==  
<section begin='Application Control' />
+
<section begin='SSL Inspector' />
 
{| border="1" cellpadding="2" width="85%%" align="center"  
 
{| border="1" cellpadding="2" width="85%%" align="center"  
 
!Report Entry
 
!Report Entry
 
!Description
 
!Description
 
|-
 
|-
| width="25%" | Application Control Summary
+
| width="25%" | SSL Inspector Summary
| width="60%" | A summary of Application Control actions.
+
| width="60%" | A summary of SSL Inspector actions.
 
|-
 
|-
| width="25%" | Top Applications Usage
+
| width="25%" | Sessions Scanned
| width="60%" | The amount of bandwidth per top application.
+
| width="60%" | The amount of SSL sessions over time.
 
|-
 
|-
| width="25%" | Scanned Sessions (all)
+
| width="25%" | Sessions Inspected
| width="60%" | The amount of scanned, flagged, and blocked sessions over time.
+
| width="60%" | The amount of inspected SSL sessions over time.
 
|-
 
|-
| width="25%" | Scanned Sessions (flagged)
+
| width="25%" | Top Inspected Sites
| width="60%" | The amount of flagged, and blocked sessions over time.
+
| width="60%" | The number of inspected sessions grouped by site.
 
|-
 
|-
| width="25%" | Scanned Sessions (blocked)
+
| width="25%" | Top Ignored Sites
| width="60%" | The amount of flagged, and blocked sessions over time.
+
| width="60%" | The number of ignored sessions grouped by site.
 
|-
 
|-
| width="25%" | Top Categories (by sessions)
+
| width="25%" | All Sessions
| width="60%" | The number of sessions grouped by category.
+
| width="60%" | All sessions detected by SSL Inspector.
 
|-
 
|-
| width="25%" | Top Applications (by sessions)
+
| width="25%" | Inspected Sessions
| width="60%" | The number of sessions grouped by application.
+
| width="60%" | Events where traffic was fully processed by the inspector, and all traffic was passed through all the other applications and services.
 
|-
 
|-
| width="25%" | Top Applications (by size)
+
| width="25%" | Ignored Sessions
| width="60%" | The number of bytes grouped by application.
+
| width="60%" | Events where traffic was not or could not be inspected, so the traffic was completely ignored and not analyzed by any applications or services.
 
|-
 
|-
| width="25%" | Top Flagged Applications
+
| width="25%" | Blocked Sessions
| width="60%" | The number of flagged sessions grouped by application.
+
| width="60%" | Events where traffic was blocked because it did not contain a valid SSL request, and the Block Invalid Traffic option was enabled.
 
|-
 
|-
| width="25%" | Top Blocked Applications
+
| width="25%" | Untrusted Sessions
| width="60%" | The number of blocked sessions grouped by application.
+
| width="60%" | Events where traffic was blocked because the server certificate could not be authenticated.
 
|-
 
|-
| width="25%" | Top Flagged Hostnames
+
| width="25%" | Abandoned Sessions
| width="60%" | The number of flagged sessions grouped by hostname.
+
| width="60%" | Events where traffic was blocked due to an underlying problems with the SSL session.
 
|-
 
|-
| width="25%" | Top Blocked Hostnames
+
|}
| width="60%" | The number of blocked sessions grouped by hostname.
+
<section end='SSL Inspector' />
|-
+
 
| width="25%" | Top Flagged Clients
+
 
| width="60%" | The number of flagged sessions grouped by client.
+
== Application Control Reports ==
 +
<section begin='Application Control' />
 +
{| border="1" cellpadding="2" width="85%%" align="center"  
 +
!Report Entry
 +
!Description
 
|-
 
|-
| width="25%" | Top Blocked Clients
+
| width="25%" | Application Control Summary
| width="60%" | The number of blocked sessions grouped by client.
+
| width="60%" | A summary of Application Control actions.
 
|-
 
|-
| width="25%" | Top Flagged Usernames
+
| width="25%" | Top Applications Usage
| width="60%" | The number of flagged sessions grouped by username.
+
| width="60%" | The amount of bandwidth per top application.
 
|-
 
|-
| width="25%" | Top Blocked Usernames
+
| width="25%" | Scanned Sessions (all)
| width="60%" | The number of blocked sessions grouped by username.
+
| width="60%" | The amount of scanned, flagged, and blocked sessions over time.
 
|-
 
|-
| width="25%" | Classified Sessions
+
| width="25%" | Scanned Sessions (flagged)
| width="60%" | All sessions matching an application control signature.
+
| width="60%" | The amount of flagged, and blocked sessions over time.
 
|-
 
|-
| width="25%" | Flagged Sessions
+
| width="25%" | Scanned Sessions (blocked)
| width="60%" | All sessions matching an application control signature and flagged.
+
| width="60%" | The amount of flagged, and blocked sessions over time.
 
|-
 
|-
| width="25%" | Blocked Sessions
+
| width="25%" | Top Categories (by sessions)
| width="60%" | All sessions matching an application control signature and blocked.
+
| width="60%" | The number of sessions grouped by category.
 
|-
 
|-
| width="25%" | All Sessions
+
| width="25%" | Top Applications (by sessions)
| width="60%" | All sessions scanned by Application Control.
+
| width="60%" | The number of sessions grouped by application.
 
|-
 
|-
|}
+
| width="25%" | Top Applications (by size)
<section end='Application Control' />
+
| width="60%" | The number of bytes grouped by application.
 
 
 
 
== Web Monitor Reports ==
 
<section begin='Web Monitor' />
 
{| border="1" cellpadding="2" width="85%%" align="center"
 
!Report Entry
 
!Description
 
 
|-
 
|-
| width="25%" | Web Monitor Summary
+
| width="25%" | Top Flagged Applications
| width="60%" | A summary of web monitor actions.
+
| width="60%" | The number of flagged sessions grouped by application.
 
|-
 
|-
| width="25%" | Web Usage
+
| width="25%" | Top Blocked Applications
| width="60%" | The amount of total and flagged web requests over time.
+
| width="60%" | The number of blocked sessions grouped by application.
 
|-
 
|-
| width="25%" | Web Usage (scanned)
+
| width="25%" | Top Flagged Hostnames
| width="60%" | The amount of total web requests over time.
+
| width="60%" | The number of flagged sessions grouped by hostname.
 
|-
 
|-
| width="25%" | Web Usage (flagged)
+
| width="25%" | Top Blocked Hostnames
| width="60%" | The amount of flagged web requests over time.
+
| width="60%" | The number of blocked sessions grouped by hostname.
 
|-
 
|-
| width="25%" | Top Categories (by request)
+
| width="25%" | Top Flagged Clients
| width="60%" | The number of web requests grouped by category.
+
| width="60%" | The number of flagged sessions grouped by client.
 
|-
 
|-
| width="25%" | Top Categories (by size)
+
| width="25%" | Top Blocked Clients
| width="60%" | The sum of the size of requested web content grouped by category.
+
| width="60%" | The number of blocked sessions grouped by client.
 
|-
 
|-
| width="25%" | Top Flagged Categories
+
| width="25%" | Top Flagged Usernames
| width="60%" | The number of flagged web requests grouped by category.
+
| width="60%" | The number of flagged sessions grouped by username.
 
|-
 
|-
| width="25%" | Top Sites (by request)
+
| width="25%" | Top Blocked Usernames
| width="60%" | The number of web requests grouped by website.
+
| width="60%" | The number of blocked sessions grouped by username.
 
|-
 
|-
| width="25%" | Top Sites (by size)
+
| width="25%" | Classified Sessions
| width="60%" | The sum of the size of requested web content grouped by website.
+
| width="60%" | All sessions matching an application control signature.
 
|-
 
|-
| width="25%" | Top Flagged Sites
+
| width="25%" | Flagged Sessions
| width="60%" | The number of flagged web requests grouped by website.
+
| width="60%" | All sessions matching an application control signature and flagged.
 
|-
 
|-
| width="25%" | Top Domains (by request)
+
| width="25%" | Blocked Sessions
| width="60%" | The number of web requests grouped by domain.
+
| width="60%" | All sessions matching an application control signature and blocked.
 
|-
 
|-
| width="25%" | Top Domains (by size)
+
| width="25%" | All Sessions
| width="60%" | The sum of the size of requested web content grouped by domain.
+
| width="60%" | All sessions scanned by Application Control.
 
|-
 
|-
| width="25%" | Top Flagged Domains
+
|}
| width="60%" | The number of flagged web requests grouped by domain.
+
<section end='Application Control' />
 +
 
 +
 
 +
== Web Monitor Reports ==
 +
<section begin='Web Monitor' />
 +
{| border="1" cellpadding="2" width="85%%" align="center"  
 +
!Report Entry
 +
!Description
 
|-
 
|-
| width="25%" | Top Domains Usage
+
| width="25%" | Web Monitor Summary
| width="60%" | The amount of web requests per top domain.
+
| width="60%" | A summary of web monitor actions.
 
|-
 
|-
| width="25%" | Top Hostnames (by requests)
+
| width="25%" | Web Usage
| width="60%" | The number of web requests grouped by hostname.
+
| width="60%" | The amount of total and flagged web requests over time.
 
|-
 
|-
| width="25%" | Top Hostnames (by size)
+
| width="25%" | Web Usage (scanned)
| width="60%" | The sum of the size of requested web content grouped by hostname.
+
| width="60%" | The amount of total web requests over time.
 
|-
 
|-
| width="25%" | Top Flagged Hostnames
+
| width="25%" | Web Usage (flagged)
| width="60%" | The number of flagged web request grouped by hostname.
+
| width="60%" | The amount of flagged web requests over time.
 
|-
 
|-
| width="25%" | Top Clients (by requests)
+
| width="25%" | Top Categories (by request)
| width="60%" | The number of web requests grouped by client.
+
| width="60%" | The number of web requests grouped by category.
 
|-
 
|-
| width="25%" | Top Clients (by size)
+
| width="25%" | Top Categories (by size)
| width="60%" | The sum of the size of requested web content grouped by client.
+
| width="60%" | The sum of the size of requested web content grouped by category.
 
|-
 
|-
| width="25%" | Top Flagged Clients
+
| width="25%" | Top Flagged Categories
| width="60%" | The number of flagged web request grouped by client.
+
| width="60%" | The number of flagged web requests grouped by category.
 
|-
 
|-
| width="25%" | Top Usernames (by requests)
+
| width="25%" | Top Sites (by request)
| width="60%" | The number of web requests grouped by username.
+
| width="60%" | The number of web requests grouped by website.
 
|-
 
|-
| width="25%" | Top Usernames (by size)
+
| width="25%" | Top Sites (by size)
| width="60%" | The sum of the size of requested web content grouped by username.
+
| width="60%" | The sum of the size of requested web content grouped by website.
 
|-
 
|-
| width="25%" | Top Flagged Usernames
+
| width="25%" | Top Flagged Sites
| width="60%" | The number of flagged web request grouped by username.
+
| width="60%" | The number of flagged web requests grouped by website.
 
|-
 
|-
| width="25%" | Top Content (by request)
+
| width="25%" | Top Domains (by request)
| width="60%" | The number of web requests grouped by category.
+
| width="60%" | The number of web requests grouped by domain.
 
|-
 
|-
| width="25%" | Top Content (by size)
+
| width="25%" | Top Domains (by size)
| width="60%" | The sum of the size of requested web content grouped by category.
+
| width="60%" | The sum of the size of requested web content grouped by domain.
 
|-
 
|-
| width="25%" | All Web Events
+
| width="25%" | Top Flagged Domains
| width="60%" | Shows all scanned web requests.
+
| width="60%" | The number of flagged web requests grouped by domain.
 
|-
 
|-
| width="25%" | Flagged Web Events
+
| width="25%" | Top Domains Usage
| width="60%" | Shows all flagged web requests.
+
| width="60%" | The amount of web requests per top domain.
 
|-
 
|-
| width="25%" | All HTTP Events
+
| width="25%" | Top Hostnames (by requests)
| width="60%" | Shows all scanned unencrypted HTTP requests.
+
| width="60%" | The number of web requests grouped by hostname.
 
|-
 
|-
| width="25%" | All HTTPS Events
+
| width="25%" | Top Hostnames (by size)
| width="60%" | Shows all encrypted HTTPS requests.
+
| width="60%" | The sum of the size of requested web content grouped by hostname.
 
|-
 
|-
| width="25%" | All Query Events
+
| width="25%" | Top Flagged Hostnames
| width="60%" | Shows all search querires processed by Web Monitor.
+
| width="60%" | The number of flagged web request grouped by hostname.
 
|-
 
|-
|}
+
| width="25%" | Top Clients (by requests)
<section end='Web Monitor' />
+
| width="60%" | The number of web requests grouped by client.
 
 
 
 
== Web Cache Reports ==
 
<section begin='Web Cache' />
 
{| border="1" cellpadding="2" width="85%%" align="center"
 
!Report Entry
 
!Description
 
 
|-
 
|-
| width="25%" | Web Cache Summary
+
| width="25%" | Top Clients (by size)
| width="60%" | A summary of Web Cache actions.
+
| width="60%" | The sum of the size of requested web content grouped by client.
 
|-
 
|-
| width="25%" | Cache Hit/Miss Statistics
+
| width="25%" | Top Flagged Clients
| width="60%" | The number of cache hits, misses, and sessions bypassed over time.
+
| width="60%" | The number of flagged web request grouped by client.
 
|-
 
|-
| width="25%" | Cache Size Statistics
+
| width="25%" | Top Usernames (by requests)
| width="60%" | The amount of cached and uncached web data over time.
+
| width="60%" | The number of web requests grouped by username.
 
|-
 
|-
| width="25%" | Web Cache Events
+
| width="25%" | Top Usernames (by size)
| width="60%" | All HTTP events processed by Web Cache.
+
| width="60%" | The sum of the size of requested web content grouped by username.
 
|-
 
|-
|}
+
| width="25%" | Top Flagged Usernames
<section end='Web Cache' />
+
| width="60%" | The number of flagged web request grouped by username.
 
 
 
 
== IPsec VPN Reports ==
 
<section begin='IPsec VPN' />
 
{| border="1" cellpadding="2" width="85%%" align="center"
 
!Report Entry
 
!Description
 
 
|-
 
|-
| width="25%" | IPsec VPN Summary
+
| width="25%" | Top Content (by request)
| width="60%" | A summary of IPsec VPN actions.
+
| width="60%" | The number of web requests grouped by category.
 
|-
 
|-
| width="25%" | Hourly Tunnel Traffic
+
| width="25%" | Top Content (by size)
| width="60%" | The amount of IPsec tunnel traffic over time.
+
| width="60%" | The sum of the size of requested web content grouped by category.
 
|-
 
|-
| width="25%" | Top Tunnel Traffic
+
| width="25%" | Top Searches
| width="60%" | The amount of traffic for each IPsec tunnel.
+
| width="60%" | The number of non blocked, non-flagged search queries grouped by term.
 +
|-
 +
| width="25%" | Top Flagged Searches
 +
| width="60%" | The number of flagged search queries grouped by term.
 
|-
 
|-
| width="25%" | Top Active Users
+
| width="25%" | All Web Events
| width="60%" | The top IPsec VPN users by number of sessions.
+
| width="60%" | Shows all scanned web requests.
 
|-
 
|-
| width="25%" | Top Download Users
+
| width="25%" | Flagged Web Events
| width="60%" | The top IPsec users grouped by amount of data downloaded.
+
| width="60%" | Shows all flagged web requests.
 
|-
 
|-
| width="25%" | Top Upload Users
+
| width="25%" | All HTTP Events
| width="60%" | The top IPsec users grouped by amount of data uploaded.
+
| width="60%" | Shows all scanned unencrypted HTTP requests.
 
|-
 
|-
| width="25%" | Top Protocols
+
| width="25%" | All HTTPS Events
| width="60%" | The top IPsec VPN connections by protocol.
+
| width="60%" | Shows all encrypted HTTPS requests.
 
|-
 
|-
| width="25%" | L2TP/Xauth Events
+
| width="25%" | All Search Events
| width="60%" | Shows all user L2TP/Xauth events.
+
| width="60%" | Shows all search queries processed by Web Monitor.
 
|-
 
|-
| width="25%" | Tunnel Traffic Events
+
| width="25%" | Flagged Search Events
| width="60%" | Shows all IPsec tunnel traffic statistics events.
+
| width="60%" | Shows flagged search queries processed by Web Monitor.
 
|-
 
|-
 
|}
 
|}
<section end='IPsec VPN' />
+
<section end='Web Monitor' />
  
  
== Intrusion Prevention Reports ==  
+
== Web Cache Reports ==  
<section begin='Intrusion Prevention' />
+
<section begin='Web Cache' />
 
{| border="1" cellpadding="2" width="85%%" align="center"  
 
{| border="1" cellpadding="2" width="85%%" align="center"  
 
!Report Entry
 
!Report Entry
 
!Description
 
!Description
 
|-
 
|-
| width="25%" | Intrusion Prevention Summary
+
| width="25%" | Web Cache Summary
| width="60%" | A summary of intrusion detection and prevention actions.
+
| width="60%" | A summary of Web Cache actions.
 
|-
 
|-
| width="25%" | Intrusion Detection (all)
+
| width="25%" | Cache Hit-Miss Statistics
| width="60%" | The amount of detected and blocked intrusions over time.
+
| width="60%" | The number of cache hits, misses, and sessions bypassed over time.
 
|-
 
|-
| width="25%" | Intrusion Detection (logged)
+
| width="25%" | Cache Size Statistics
| width="60%" | The amount of detected intrusions over time.
+
| width="60%" | The amount of cached and uncached web data over time.
 
|-
 
|-
| width="25%" | Intrusion Detection (blocked)
+
| width="25%" | Web Cache Events
| width="60%" | The amount of blocked intrusions over time.
+
| width="60%" | All HTTP events processed by Web Cache.
 
|-
 
|-
| width="25%" | Top Rules (logged)
+
|}
| width="60%" | The number of intrusions detected grouped by rule.
+
<section end='Web Cache' />
|-
+
 
| width="25%" | Top Rules (blocked)
+
 
| width="60%" | The number of intrusions blocked by rule.
+
== Directory Connector Reports ==
 +
<section begin='Directory Connector' />
 +
{| border="1" cellpadding="2" width="85%%" align="center"  
 +
!Report Entry
 +
!Description
 
|-
 
|-
| width="25%" | Top Classtypes (logged)
+
| width="25%" | Directory Connector Summary
| width="60%" | The number of intrusions detected grouped by classtype.
+
| width="60%" | A summary of Directory Connector actions.
 
|-
 
|-
| width="25%" | Top Classtypes (blocked)
+
| width="25%" | API Usage
| width="60%" | The number of intrusions blocked by classtype.
+
| width="60%" | The amount of login, update and logout user notification API events over time.
 
|-
 
|-
| width="25%" | Top Categories (logged)
+
| width="25%" | API Events
| width="60%" | The number of intrusions detected grouped by category.
+
| width="60%" | Events from the user notification API.
 
|-
 
|-
| width="25%" | Top Categories (blocked)
+
|}
| width="60%" | The number of intrusions blocked by category.
+
<section end='Directory Connector' />
|-
+
 
| width="25%" | Top Source IP Addresses (logged)
+
 
| width="60%" | The number of intrusions detected grouped by source IP address.
+
== Intrusion Prevention Reports ==
|-
+
<section begin='Intrusion Prevention' />
| width="25%" | Top Source IP Addresses (blocked)
+
{| border="1" cellpadding="2" width="85%%" align="center"  
| width="60%" | The number of intrusions blocked by source IP address.
+
!Report Entry
 +
!Description
 
|-
 
|-
| width="25%" | Top Source Ports (logged)
+
| width="25%" | Intrusion Prevention Summary
| width="60%" | The number of intrusions detected grouped by source port.
+
| width="60%" | A summary of intrusion detection and prevention actions.
 
|-
 
|-
| width="25%" | Top Source Port (blocked)
+
| width="25%" | Intrusion Detection (all)
| width="60%" | The number of intrusions blocked by source port.
+
| width="60%" | The amount of detected and blocked intrusions over time.
 
|-
 
|-
| width="25%" | Top Destination IP Addresses (logged)
+
| width="25%" | Intrusion Detection (logged)
| width="60%" | The number of intrusions detected grouped by destination IP address.
+
| width="60%" | The amount of detected intrusions over time.
 
|-
 
|-
| width="25%" | Top Destination IP Addresses (blocked)
+
| width="25%" | Intrusion Detection (blocked)
| width="60%" | The number of intrusions blocked by destination IP address.
+
| width="60%" | The amount of blocked intrusions over time.
 
|-
 
|-
| width="25%" | Top Destination Ports (logged)
+
| width="25%" | Top Rules (all)
| width="60%" | The number of intrusions detected grouped by destination port.
+
| width="60%" | The number of intrusions detevted by rule.
 
|-
 
|-
| width="25%" | Top Destination Port (blocked)
+
| width="25%" | Top Rules (logged)
| width="60%" | The number of intrusions blocked by destination port.
+
| width="60%" | The number of intrusions logged by rule.
 
|-
 
|-
| width="25%" | Top Protocols (logged)
+
| width="25%" | Top Rules (blocked)
| width="60%" | The number of intrusions detected grouped by protocol.
+
| width="60%" | The number of intrusions blocked by rule.
 
|-
 
|-
| width="25%" | Top Protocols (blocked)
+
| width="25%" | Top Signatures (all)
| width="60%" | The number of intrusions blocked by protocol.
+
| width="60%" | The number of intrusions detected by signature.
 
|-
 
|-
| width="25%" | All Events
+
| width="25%" | Top Signatures (logged)
| width="60%" | All sessions scanned by Intrusion Prevention.
+
| width="60%" | The number of intrusions logged by signature.
 
|-
 
|-
| width="25%" | Blocked Events
+
| width="25%" | Top Signatures (blocked)
| width="60%" | All sessions matching Intrusion Prevention signatures and blocked.
+
| width="60%" | The number of intrusions blocked by signature.
 
|-
 
|-
|}
+
| width="25%" | Top Classtypes (all)
<section end='Intrusion Prevention' />
+
| width="60%" | The number of intrusions detected by classtype.
 
 
== Threat Prevention Reports ==
 
<section begin='Threat Prevention' />
 
{| border="1" cellpadding="2" width="85%%" align="center"
 
!Report Entry
 
!Description
 
 
|-
 
|-
| width="25%" | Web Traffic Summary
+
| width="25%" | Top Classtypes (logged)
| width="60%" | A summary of web Threat Prevention actions.
+
| width="60%" | The number of intrusions logged by classtype.
 
|-
 
|-
| width="25%" | Non-Web Traffic Summary
+
| width="25%" | Top Classtypes (blocked)
| width="60%" | A summary of non web sessions scanned by Threat Prevention and their actions.
+
| width="60%" | The number of intrusions blocked by classtype.
 
|-
 
|-
| width="25%" | Web Top Scanned Threats
+
| width="25%" | Top Categories (all)
| width="60%" | The number of web scanned sessions to servers grouped by threat reputation.
+
| width="60%" | The number of intrusions detected by category.
 
|-
 
|-
| width="25%" | Web Top Blocked Threats
+
| width="25%" | Top Categories (logged)
| width="60%" | The number of web blocked sessions to servers grouped by threats reputation.
+
| width="60%" | The number of intrusions logged by category.
 
|-
 
|-
| width="25%" | Web Top Scanned Categories
+
| width="25%" | Top Categories (blocked)
| width="60%" | The number of other scanned sessions to servers grouped by threat.
+
| width="60%" | The number of intrusions blocked by category.
 
|-
 
|-
| width="25%" | Web Top Blocked Categories
+
| width="25%" | Top Source IP Addresses (all)
| width="60%" | The number of web sessions blocked grouped by threat.
+
| width="60%" | The number of intrusions detected by source IP address.
 +
|-
 +
| width="25%" | Top Source IP Addresses (logged)
 +
| width="60%" | The number of intrusions logged by source IP address.
 
|-
 
|-
| width="25%" | Web Top Blocked Countries
+
| width="25%" | Top Source IP Addresses (blocked)
| width="60%" | Top blocked web sessions to servers grouped by country.
+
| width="60%" | The number of intrusions blocked by source IP address.
 
|-
 
|-
| width="25%" | Web Top Scanned Hosts
+
| width="25%" | Top Source Ports (all)
| width="60%" | The number of web scanned sessions grouped by server.
+
| width="60%" | The number of intrusions detected by source port.
 
|-
 
|-
| width="25%" | Web Top Blocked Hosts
+
| width="25%" | Top Source Ports (logged)
| width="60%" | The number of web blocked session grouped by client.
+
| width="60%" | The number of intrusions logged by source port.
 
|-
 
|-
| width="25%" | Non-Web Top Scanned Threats (by client)
+
| width="25%" | Top Source Ports (blocked)
| width="60%" | The number of non-web scanned sessions from clients grouped by threat reputation.
+
| width="60%" | The number of intrusions blocked by source port.
 
|-
 
|-
| width="25%" | Non-Web Top Blocked Threats (by client)
+
| width="25%" | Top Destination IP Addresses (all)
| width="60%" | The number of non-web blocked sessions from clients grouped by threat reputation.
+
| width="60%" | The number of intrusions detected by destination IP address.
 
|-
 
|-
| width="25%" | Non-Web Top Scanned Threats (by server)
+
| width="25%" | Top Destination IP Addresses (logged)
| width="60%" | The number of non-web scanned sessions to servers grouped by threat reputation.
+
| width="60%" | The number of intrusions logged by destination IP address.
 
|-
 
|-
| width="25%" | Non-Web Top Blocked Threats (by server)
+
| width="25%" | Top Destination IP Addresses (blocked)
| width="60%" | The number of non-web blocked sessions to servers grouped by threat reputation.
+
| width="60%" | The number of intrusions blocked by destination IP address.
 
|-
 
|-
| width="25%" | Non-Web Top Scanned Categories (by client)
+
| width="25%" | Top Destination Ports (all)
| width="60%" | The number of non-web scanned sessions from clients grouped by threat.
+
| width="60%" | The number of intrusions detected by destination port.
 
|-
 
|-
| width="25%" | Non-Web Top Blocked Categories (by client)
+
| width="25%" | Top Destination Ports (logged)
| width="60%" | The number of non-web blocked sessions from clients grouped by threat.
+
| width="60%" | The number of intrusions logged by destination port.
 
|-
 
|-
| width="25%" | Non-Web Top Scanned Categories (by server)
+
| width="25%" | Top Destination Ports (blocked)
| width="60%" | The number of non-web scanned sessions to servers grouped by threat.
+
| width="60%" | The number of intrusions blocked by destination port.
 
|-
 
|-
| width="25%" | Non-Web Top Blocked Categories (by server)
+
| width="25%" | Top Protocols (all)
| width="60%" | The number of non-web blocked sessions to servers grouped by threat.
+
| width="60%" | The number of intrusions detected by protocol.
 
|-
 
|-
| width="25%" | Non-Web Top Blocked Countries (by client)
+
| width="25%" | Top Protocols (logged)
| width="60%" | Top non-web blocked sessions from clients grouped by country.
+
| width="60%" | The number of intrusions logged by protocol.
 
|-
 
|-
| width="25%" | Non-Web Top Blocked Countries (by server)
+
| width="25%" | Top Protocols (blocked)
| width="60%" | Top non-web blocked sessions to servers grouped by threat.
+
| width="60%" | The number of intrusions blocked by protocol.
 
|-
 
|-
| width="25%" | Non-Web Top Scanned Clients
+
| width="25%" | All Events
| width="60%" | The number of non-web scanned session grouped by client.
+
| width="60%" | All sessions scanned by Intrusion Prevention.
 
|-
 
|-
| width="25%" | Non-Web Top Blocked Clients
+
| width="25%" | Logged Events
| width="60%" | The number of non-web blocked session grouped by client.
+
| width="60%" | All sessions matching Intrusion Prevention signatures and logged.
 
|-
 
|-
| width="25%" | Non-Web Top Scanned Servers
+
| width="25%" | Blocked Events
| width="60%" | The number of non-web scanned sessions grouped by server.
+
| width="60%" | All sessions matching Intrusion Prevention signatures and blocked.
 
|-
 
|-
| width="25%" | Non-Web Top Blocked Server
+
|}
| width="60%" | The number of non-web blocked session grouped by client.
+
<section end='Intrusion Prevention' />
|-
+
 
| width="25%" | All Web Events
 
| width="60%" | Shows all scanned web requests.
 
|-
 
| width="25%" | Blocked Web Events
 
| width="60%" | Shows all blocked web requests.
 
|-
 
| width="25%" | Non-Web All Events
 
| width="60%" | All non-web events scanned by Threat Prevention.
 
|-
 
| width="25%" | Non-Web Blocked Events
 
| width="60%" | Non-web events blocked by Threat Prevention.
 
|-
 
|}
 
<section end='Threat Prevention' />
 
  
 
== Devices Reports ==  
 
== Devices Reports ==  
Line 1,020: Line 1,035:
  
  
== System Reports ==  
+
== Bandwidth Control Reports ==  
<section begin='System' />
+
<section begin='Bandwidth Control' />
 
{| border="1" cellpadding="2" width="85%%" align="center"  
 
{| border="1" cellpadding="2" width="85%%" align="center"  
 
!Report Entry
 
!Report Entry
 
!Description
 
!Description
 
|-
 
|-
| width="25%" | CPU Load
+
| width="25%" | Bandwidth Control Summary
| width="60%" | The CPU load over time.
+
| width="60%" | A summary of Bandwidth Control actions.
 
|-
 
|-
| width="25%" | Disk Usage
+
| width="25%" | Bandwidth Usage
| width="60%" | The disk utilization over time.
+
| width="60%" | The approximate averaged data transfer rate (total, sent, received) over time.
 
|-
 
|-
| width="25%" | Memory Usage
+
| width="25%" | Top Hostnames Usage
| width="60%" | The amount of free memory over time.
+
| width="60%" | The bandwidth usage of the top hostnames.
 
|-
 
|-
| width="25%" | Swap Usage
+
| width="25%" | Top Hostnames (by total bytes)
| width="60%" | The swap utilization over time as a percent of total swap size .
+
| width="60%" | The sum of the data transferred grouped by hostname.
 
|-
 
|-
| width="25%" | Swap Usage Bytes
+
| width="25%" | Top Hostnames (by received bytes)
| width="60%" | The swap utilization over time.
+
| width="60%" | The sum of the received data grouped by hostname.
 
|-
 
|-
| width="25%" | Highest Active Hosts
+
| width="25%" | Top Hostnames (by sent bytes)
| width="60%" | The highest number of active hosts.
+
| width="60%" | The sum of the sent data grouped by hostname.
 
|-
 
|-
| width="25%" | Server Status Events
+
| width="25%" | Top Clients Usage
| width="60%" | All system status events.
+
| width="60%" | The bandwidth usage of the top clients.
 
|-
 
|-
|}
+
| width="25%" | Top Clients (by total bytes)
<section end='System' />
+
| width="60%" | The sum of the data transferred grouped by client address.
 
 
 
 
== Hosts Reports ==
 
<section begin='Hosts' />
 
{| border="1" cellpadding="2" width="85%%" align="center"
 
!Report Entry
 
!Description
 
 
|-
 
|-
| width="25%" | Hosts Active
+
| width="25%" | Top Usernames Usage
| width="60%" | The amount of active hosts by time.
+
| width="60%" | The bandwidth usage of the top usernames.
 
|-
 
|-
| width="25%" | Hosts Additions
+
| width="25%" | Top Usernames (by total bytes)
| width="60%" | The amount of hosts add and removed from the host table over time.
+
| width="60%" | The sum of the data transferred grouped by username.
 
|-
 
|-
| width="25%" | Hosts Updates
+
| width="25%" | Top Server Port Usage
| width="60%" | The number of updates to the host table over time.
+
| width="60%" | The bandwidth usage by top server port.
 
|-
 
|-
| width="25%" | Hosts Events
+
| width="25%" | Top Ports (by total bytes)
| width="60%" | All updates to hosts in the host table.
+
| width="60%" | The sum of the data transferred grouped by server port.
 
|-
 
|-
| width="25%" | Penalty Box Events
+
| width="25%" | Top Ports (by received bytes)
| width="60%" | Shows when hosts are tagged with penalty-box or have the tag removed.
+
| width="60%" | The sum of the data received grouped by server port.
 
|-
 
|-
|}
+
| width="25%" | Top Ports (by sent bytes)
<section end='Hosts' />
+
| width="60%" | The sum of the data sent grouped by server port.
 
 
 
 
== Web Filter Reports ==
 
<section begin='Web Filter' />
 
{| border="1" cellpadding="2" width="85%%" align="center"
 
!Report Entry
 
!Description
 
 
|-
 
|-
| width="25%" | Web Filter Summary
+
| width="25%" | Top Applications Usage
| width="60%" | A summary of web filter actions.
+
| width="60%" | The bandwidth usage of the top applications.
 
|-
 
|-
| width="25%" | Web Usage
+
| width="25%" | Top Application (by total bytes)
| width="60%" | The amount of total, flagged, and blocked web requests over time.
+
| width="60%" | The sum of the data transferred grouped by Application Control application.
 
|-
 
|-
| width="25%" | Web Usage (scanned)
+
| width="25%" | Top Application (by received bytes)
| width="60%" | The amount of total, flagged, and blocked web requests over time.
+
| width="60%" | The sum of the data sent grouped by Application Control application.
 
|-
 
|-
| width="25%" | Web Usage (flagged)
+
| width="25%" | Top Application (by sent bytes)
| width="60%" | The amount of flagged, and blocked web requests over time.
+
| width="60%" | The sum of the data sent grouped by Application Control application.
 
|-
 
|-
| width="25%" | Web Usage (blocked)
+
| width="25%" | Top Categories Usage
| width="60%" | The amount of flagged, and blocked web requests over time.
+
| width="60%" | The bandwidth usage of the top application categories.
 
|-
 
|-
| width="25%" | Top Categories (by request)
+
| width="25%" | Top Category (by total bytes)
| width="60%" | The number of web requests grouped by category.
+
| width="60%" | The sum of the data transferred grouped by Application Control category.
 
|-
 
|-
| width="25%" | Top Categories (by size)
+
| width="25%" | Top Priorities Usage
| width="60%" | The sum of the size of requested web content grouped by category.
+
| width="60%" | The bandwidth usage by priority.
 
|-
 
|-
| width="25%" | Top Flagged Categories
+
| width="25%" | Top Priorities (by total bytes)
| width="60%" | The number of flagged web requests grouped by category.
+
| width="60%" | The sum of the data transferred grouped by priority.
 
|-
 
|-
| width="25%" | Top Blocked Categories
+
| width="25%" | Top Countries Usage
| width="60%" | The number of blocked web requests grouped by category.
+
| width="60%" | The bandwidth usage by top countries.
 
|-
 
|-
| width="25%" | Top Sites (by request)
+
| width="25%" | Top Countries (by total bytes)
| width="60%" | The number of web requests grouped by website.
+
| width="60%" | The sum of the data transferred grouped by country.
 
|-
 
|-
| width="25%" | Top Sites (by size)
+
| width="25%" | Bypassed (by total bytes)
| width="60%" | The sum of the size of requested web content grouped by website.
+
| width="60%" | The sum of the data transferred grouped by bypassed.
 
|-
 
|-
| width="25%" | Top Flagged Sites
+
| width="25%" | All Sessions
| width="60%" | The number of flagged web requests grouped by website.
+
| width="60%" | All sessions processed by Bandwidth Control.
 
|-
 
|-
| width="25%" | Top Blocked Sites
+
| width="25%" | Quota Events
| width="60%" | The number of blocked web requests grouped by website.
+
| width="60%" | Shows when quotas are assigned or expired.
 
|-
 
|-
| width="25%" | Top Domains (by request)
+
| width="25%" | Prioritized Sessions
| width="60%" | The number of web requests grouped by domain.
+
| width="60%" | All sessions prioritized by Bandwidth Control.
 
|-
 
|-
| width="25%" | Top Domains (by size)
+
|}
| width="60%" | The sum of the size of requested web content grouped by domain.
+
<section end='Bandwidth Control' />
 +
 
 +
 
 +
== Hosts Reports ==
 +
<section begin='Hosts' />
 +
{| border="1" cellpadding="2" width="85%%" align="center"  
 +
!Report Entry
 +
!Description
 
|-
 
|-
| width="25%" | Top Flagged Domains
+
| width="25%" | Hosts Active
| width="60%" | The number of flagged web requests grouped by domain.
+
| width="60%" | The amount of active hosts by time.
 
|-
 
|-
| width="25%" | Top Blocked Domains
+
| width="25%" | Hosts Additions
| width="60%" | The number of blocked web requests grouped by domain.
+
| width="60%" | The amount of hosts add and removed from the host table over time.
 
|-
 
|-
| width="25%" | Top Domains Usage
+
| width="25%" | Hosts Updates
| width="60%" | The amount of web requests per top domain.
+
| width="60%" | The number of updates to the host table over time.
 
|-
 
|-
| width="25%" | Top Hostnames (by requests)
+
| width="25%" | Hosts Events
| width="60%" | The number of web requests grouped by hostname.
+
| width="60%" | All updates to hosts in the host table.
 
|-
 
|-
| width="25%" | Top Hostnames (by size)
+
| width="25%" | Penalty Box Events
| width="60%" | The sum of the size of requested web content grouped by hostname.
+
| width="60%" | Shows when hosts are tagged with penalty-box or have the tag removed.
 
|-
 
|-
| width="25%" | Top Flagged Hostnames
+
|}
| width="60%" | The number of flagged web request grouped by hostname.
+
<section end='Hosts' />
|-
+
 
| width="25%" | Top Blocked Hostnames
+
 
| width="60%" | The number of blocked web request grouped by hostname.
+
== Web Filter Reports ==
 +
<section begin='Web Filter' />
 +
{| border="1" cellpadding="2" width="85%%" align="center"  
 +
!Report Entry
 +
!Description
 
|-
 
|-
| width="25%" | Top Clients (by requests)
+
| width="25%" | Web Filter Summary
| width="60%" | The number of web requests grouped by client.
+
| width="60%" | A summary of web filter actions.
 
|-
 
|-
| width="25%" | Top Clients (by size)
+
| width="25%" | Web Usage
| width="60%" | The sum of the size of requested web content grouped by client.
+
| width="60%" | The amount of total, flagged, and blocked web requests over time.
 
|-
 
|-
| width="25%" | Top Flagged Clients
+
| width="25%" | Web Usage (scanned)
| width="60%" | The number of flagged web request grouped by client.
+
| width="60%" | The amount of total, flagged, and blocked web requests over time.
 
|-
 
|-
| width="25%" | Top Blocked Clients
+
| width="25%" | Web Usage (flagged)
| width="60%" | The number of blocked web request grouped by client.
+
| width="60%" | The amount of flagged, and blocked web requests over time.
 
|-
 
|-
| width="25%" | Top Usernames (by requests)
+
| width="25%" | Web Usage (blocked)
| width="60%" | The number of web requests grouped by username.
+
| width="60%" | The amount of flagged, and blocked web requests over time.
 
|-
 
|-
| width="25%" | Top Usernames (by size)
+
| width="25%" | Top Categories (by request)
| width="60%" | The sum of the size of requested web content grouped by username.
+
| width="60%" | The number of web requests grouped by category.
 
|-
 
|-
| width="25%" | Top Flagged Usernames
+
| width="25%" | Top Categories (by size)
| width="60%" | The number of flagged web request grouped by username.
+
| width="60%" | The sum of the size of requested web content grouped by category.
 
|-
 
|-
| width="25%" | Top Blocked Usernames
+
| width="25%" | Top Flagged Categories
| width="60%" | The number of blocked web request grouped by username.
+
| width="60%" | The number of flagged web requests grouped by category.
 
|-
 
|-
| width="25%" | Top Content (by request)
+
| width="25%" | Top Blocked Categories
| width="60%" | The number of web requests grouped by category.
+
| width="60%" | The number of blocked web requests grouped by category.
 
|-
 
|-
| width="25%" | Top Content (by size)
+
| width="25%" | Top Sites (by request)
| width="60%" | The sum of the size of requested web content grouped by category.
+
| width="60%" | The number of web requests grouped by website.
 
|-
 
|-
| width="25%" | Top Searches
+
| width="25%" | Top Sites (by size)
| width="60%" | The top search terms.
+
| width="60%" | The sum of the size of requested web content grouped by website.
 
|-
 
|-
| width="25%" | Top Blocked Searches
+
| width="25%" | Top Flagged Sites
| width="60%" | The top blocked search terms.
+
| width="60%" | The number of flagged web requests grouped by website.
 
|-
 
|-
| width="25%" | Top Flagged Searches
+
| width="25%" | Top Blocked Sites
| width="60%" | The top flagged search terms.
+
| width="60%" | The number of blocked web requests grouped by website.
 
|-
 
|-
| width="25%" | All Web Events
+
| width="25%" | Top Domains (by request)
| width="60%" | Shows all scanned web requests.
+
| width="60%" | The number of web requests grouped by domain.
 
|-
 
|-
| width="25%" | Flagged Web Events
+
| width="25%" | Top Domains (by size)
| width="60%" | Shows all flagged web requests.
+
| width="60%" | The sum of the size of requested web content grouped by domain.
 
|-
 
|-
| width="25%" | Blocked Web Events
+
| width="25%" | Top Flagged Domains
| width="60%" | Shows all blocked web requests.
+
| width="60%" | The number of flagged web requests grouped by domain.
 
|-
 
|-
| width="25%" | All HTTP Events
+
| width="25%" | Top Blocked Domains
| width="60%" | Shows all scanned unencrypted HTTP requests.
+
| width="60%" | The number of blocked web requests grouped by domain.
 
|-
 
|-
| width="25%" | All HTTPS Events
+
| width="25%" | Top Domains Usage
| width="60%" | Shows all encrypted HTTPS requests.
+
| width="60%" | The amount of web requests per top domain.
 
|-
 
|-
| width="25%" | Unblocked Web Events
+
| width="25%" | Top Hostnames (by requests)
| width="60%" | Shows all unblocked web requests
+
| width="60%" | The number of web requests grouped by hostname.
 
|-
 
|-
| width="25%" | All Search Events
+
| width="25%" | Top Hostnames (by size)
| width="60%" | Shows all search queries processed by Web Filter.
+
| width="60%" | The sum of the size of requested web content grouped by hostname.
 
|-
 
|-
| width="25%" | Blocked Search Events
+
| width="25%" | Top Flagged Hostnames
| width="60%" | Shows all blocked search queries.
+
| width="60%" | The number of flagged web request grouped by hostname.
 
|-
 
|-
| width="25%" | Flagged Search Events
+
| width="25%" | Top Blocked Hostnames
| width="60%" | Shows all flagged search queries.
+
| width="60%" | The number of blocked web request grouped by hostname.
 
|-
 
|-
|}
+
| width="25%" | Top Clients (by requests)
<section end='Web Filter' />
+
| width="60%" | The number of web requests grouped by client.
 
 
== Virus Blocker Reports ==
 
<section begin='Virus Blocker' />
 
{| border="1" cellpadding="2" width="85%%" align="center"
 
!Report Entry
 
!Description
 
 
|-
 
|-
| width="25%" | Virus Blocker Web Summary
+
| width="25%" | Top Clients (by size)
| width="60%" | A summary of virus blocking actions for web activity.
+
| width="60%" | The sum of the size of requested web content grouped by client.
 
|-
 
|-
| width="25%" | Virus Blocker Email Summary
+
| width="25%" | Top Flagged Clients
| width="60%" | A summary of virus blocking actions for Email activity.
+
| width="60%" | The number of flagged web request grouped by client.
|-
+
|-
| width="25%" | Virus Blocker FTP Summary
+
| width="25%" | Top Blocked Clients
| width="60%" | A summary of virus blocking actions for FTP activity.
+
| width="60%" | The number of blocked web request grouped by client.
|-
+
|-
| width="25%" | Web Usage (all)
+
| width="25%" | Top Usernames (by requests)
| width="60%" | The amount of scanned and blocked web requests over time.
+
| width="60%" | The number of web requests grouped by username.
|-
+
|-
| width="25%" | Web Usage (scanned)
+
| width="25%" | Top Usernames (by size)
| width="60%" | The amount of scanned web requests over time.
+
| width="60%" | The sum of the size of requested web content grouped by username.
|-
+
|-
| width="25%" | Web Usage (blocked)
+
| width="25%" | Top Flagged Usernames
| width="60%" | The amount of blocked web requests over time.
+
| width="60%" | The number of flagged web request grouped by username.
|-
+
|-
| width="25%" | Web Top Blocked Viruses
+
| width="25%" | Top Blocked Usernames
| width="60%" | The top web virus blocked.
+
| width="60%" | The number of blocked web request grouped by username.
|-
+
|-
| width="25%" | Web Top Blocked Clients
+
| width="25%" | Top Content (by request)
| width="60%" | The top web clients by blocked virus count.
+
| width="60%" | The number of web requests grouped by category.
|-
+
|-
| width="25%" | Web Top Blocked Sites
+
| width="25%" | Top Content (by size)
| width="60%" | The top web sites by blocked virus count.
+
| width="60%" | The sum of the size of requested web content grouped by category.
|-
+
|-
| width="25%" | Web Top Scanned Sites
+
| width="25%" | Top Searches
| width="60%" | The top web sites by scan count.
+
| width="60%" | The number of non blocked, non-flagged search queries grouped by term.
|-
+
|-
| width="25%" | FTP Usage (all)
+
| width="25%" | Top Flagged Searches
| width="60%" | The amount of scanned and blocked FTP requests over time.
+
| width="60%" | The number of flagged search queries grouped by term.
 +
|-
 +
| width="25%" | Top Blocked Searches
 +
| width="60%" | The number of blocked search queries grouped by term.
 +
|-
 +
| width="25%" | All Web Events
 +
| width="60%" | Shows all scanned web requests.
 +
|-
 +
| width="25%" | Flagged Web Events
 +
| width="60%" | Shows all flagged web requests.
 +
|-
 +
| width="25%" | Blocked Web Events
 +
| width="60%" | Shows all blocked web requests.
 +
|-
 +
| width="25%" | All HTTP Events
 +
| width="60%" | Shows all scanned unencrypted HTTP requests.
 +
|-
 +
| width="25%" | All HTTPS Events
 +
| width="60%" | Shows all encrypted HTTPS requests.
 +
|-
 +
| width="25%" | Unblocked Web Events
 +
| width="60%" | Shows all unblocked web requests
 +
|-
 +
| width="25%" | All Search Events
 +
| width="60%" | Shows all search queries processed by Web Filter.
 +
|-
 +
| width="25%" | Flagged Search Events
 +
| width="60%" | Shows flagged search queries processed by Web Filter.
 +
|-
 +
| width="25%" | Blocked Search Events
 +
| width="60%" | Shows blocked search queries processed by Web Filter.
 +
|-
 +
|}
 +
<section end='Web Filter' />
 +
 
 +
 
 +
== Virus Blocker Reports ==
 +
<section begin='Virus Blocker' />
 +
{| border="1" cellpadding="2" width="85%%" align="center"
 +
!Report Entry
 +
!Description
 +
|-
 +
| width="25%" | Virus Blocker Web Summary
 +
| width="60%" | A summary of virus blocking actions for web activity.
 +
|-
 +
| width="25%" | Virus Blocker FTP Summary
 +
| width="60%" | A summary of virus blocking actions for FTP activity.
 +
|-
 +
| width="25%" | Virus Blocker Email Summary
 +
| width="60%" | A summary of virus blocking actions for Email activity.
 +
|-
 +
| width="25%" | Web Usage (all)
 +
| width="60%" | The amount of scanned and blocked web requests over time.
 +
|-
 +
| width="25%" | Web Usage (scanned)
 +
| width="60%" | The amount of scanned web requests over time.
 +
|-
 +
| width="25%" | Web Usage (blocked)
 +
| width="60%" | The amount of blocked web requests over time.
 +
|-
 +
| width="25%" | Web Top Blocked Viruses
 +
| width="60%" | The top web virus blocked.
 +
|-
 +
| width="25%" | Web Top Blocked Clients
 +
| width="60%" | The top web clients by blocked virus count.
 +
|-
 +
| width="25%" | Web Top Blocked Sites
 +
| width="60%" | The top web sites by blocked virus count.
 +
|-
 +
| width="25%" | Web Top Scanned Sites
 +
| width="60%" | The top web sites by scan count.
 +
|-
 +
| width="25%" | FTP Usage (all)
 +
| width="60%" | The amount of scanned and blocked FTP requests over time.
 
|-
 
|-
 
| width="25%" | FTP Usage (scanned)
 
| width="25%" | FTP Usage (scanned)
Line 1,328: Line 1,407:
 
| width="25%" | Virus Blocker Lite Web Summary
 
| width="25%" | Virus Blocker Lite Web Summary
 
| width="60%" | A summary of virus blocking actions for web activity.
 
| width="60%" | A summary of virus blocking actions for web activity.
 +
|-
 +
| width="25%" | Virus Blocker Lite FTP Summary
 +
| width="60%" | A summary of virus blocking actions for FTP activity.
 
|-
 
|-
 
| width="25%" | Virus Blocker Lite Email Summary
 
| width="25%" | Virus Blocker Lite Email Summary
 
| width="60%" | A summary of virus blocking actions for Email activity.
 
| width="60%" | A summary of virus blocking actions for Email activity.
|-
 
| width="25%" | Virus Blocker Lite FTP Summary
 
| width="60%" | A summary of virus blocking actions for FTP activity.
 
 
|-
 
|-
 
| width="25%" | Web Usage (all)
 
| width="25%" | Web Usage (all)
Line 1,434: Line 1,513:
 
| width="25%" | Blocked Sessions
 
| width="25%" | Blocked Sessions
 
| width="60%" | The amount of blocked sessions over time.
 
| width="60%" | The amount of blocked sessions over time.
 +
|-
 +
| width="25%" | Top Blocked Usernames
 +
| width="60%" | The number of blocked sessions grouped by username.
 +
|-
 +
| width="25%" | Top Blocked Clients
 +
| width="60%" | The number of blocked sessions grouped by client.
 
|-
 
|-
 
| width="25%" | Top Blocked Ports
 
| width="25%" | Top Blocked Ports
 
| width="60%" | The number of blocked sessions grouped by server port.
 
| width="60%" | The number of blocked sessions grouped by server port.
 
|-
 
|-
| width="25%" | Top Blocked Clients
+
| width="25%" | Top Blocked Servers
| width="60%" | The number of blocked sessions grouped by client.
+
| width="60%" | The number of blocked sessions grouped by server.
 
|-
 
|-
 
| width="25%" | Top Blocked Hostnames
 
| width="25%" | Top Blocked Hostnames
 
| width="60%" | The number of blocked sessions grouped by hostname.
 
| width="60%" | The number of blocked sessions grouped by hostname.
|-
 
| width="25%" | Top Blocked Usernames
 
| width="60%" | The number of blocked sessions grouped by username.
 
 
|-
 
|-
 
| width="25%" | Scanned Session Events
 
| width="25%" | Scanned Session Events
Line 1,485: Line 1,567:
 
|-
 
|-
 
| width="25%" | Top Blocked Clients
 
| width="25%" | Top Blocked Clients
| width="60%" | The number of flagged session grouped by client.
+
| width="60%" | The number of blocked session grouped by client.
 
|-
 
|-
 
| width="25%" | Top Scanned Usernames
 
| width="25%" | Top Scanned Usernames
Line 1,494: Line 1,576:
 
|-
 
|-
 
| width="25%" | Top Blocked Usernames
 
| width="25%" | Top Blocked Usernames
| width="60%" | The number of flagged session grouped by username.
+
| width="60%" | The number of blocked session grouped by username.
 
|-
 
|-
 
| width="25%" | Top Scanned Server Ports
 
| width="25%" | Top Scanned Server Ports
Line 1,503: Line 1,585:
 
|-
 
|-
 
| width="25%" | Top Blocked Server Ports
 
| width="25%" | Top Blocked Server Ports
| width="60%" | The number of flagged session grouped by server (destination) port.
+
| width="60%" | The number of blocked session grouped by server (destination) port.
 
|-
 
|-
 
| width="25%" | All Events
 
| width="25%" | All Events
Line 1,560: Line 1,642:
 
| width="25%" | WAN Disconnect Events
 
| width="25%" | WAN Disconnect Events
 
| width="60%" | The number of disconnect events grouped by WAN.
 
| width="60%" | The number of disconnect events grouped by WAN.
 +
|-
 +
| width="25%" | WAN Interface Outages
 +
| width="60%" | The fails tests of each interface over time.
 
|-
 
|-
 
| width="25%" | Outage Events
 
| width="25%" | Outage Events

Revision as of 15:17, 19 February 2020

Captive Portal Reports

Report Entry Description
Captive Portal Summary A summary of Captive Portal actions.
Activity Summary A summary of Captive Portal activity.
Top Active Users The top active users that logged in to Captive Portal.
Top Blocked Clients The top clients that were blocked by Captive Portal because they were not logged in.
All Session Events All sessions processed by Captive Portal.
Passed Session Events Sessions matching passed hosts.
Captured Session Events Sessions matching capture rules.
All User Events All user sessions processed by Captive Portal.
Login Success User Events Successful logins to Captive Portal.
Login Failure User Events Failed logins to Captive Portal.
Session Timeout User Events Sessions that reached the session timeout.
Idle Timeout User Events Sessions that reached the idle timeout.
User Logout User Events All user logout events.
Admin Logout User Events Sessions logged off by the admin.


Configuration Backup Reports

Report Entry Description
Configuration Backup Summary A summary of configuration backup actions.
Backup Usage (all) The amount of successes, and failures of configuration backup over time.
Backup Usage (success) The amount of successful configuration backups over time.
Backup Usage (failed) The amount of failed configuration backups over time.
Backup Events All Configuration Backup events.


Network Reports

Report Entry Description
Network Summary A summary of network traffic.
Data Usage (by interface) The total data usage by interface.
Data Usage per Day (by interface) The data usage of each interface by day
Data Rx-Usage (by interface) The total received data usage by interface.
Data Tx-Usage (by interface) The total received data usage by interface.
Sessions The amount of total, scanned, and bypassed sessions over time.
Sessions Per Minute The amount of total, scanned, and bypassed sessions created per minute.
Sessions Per Hour The amount of total, scanned, and bypassed sessions created per hour.
Bandwidth Usage The approximate averaged data transfer rate (total, sent, received) over time.
Top Client Addresses The number of sessions grouped by client (source) address.
Top Server Addresses The number of sessions grouped by server (destination) address.
Top Server Ports The number of sessions grouped by server (destination) port.
Top IP Protocols The number of sessions grouped by IP protocol number.
Top Server Countries The number of sessions grouped by server (destination) country.
Interface Usage The RX rate of each interface over time.
All Sessions All sessions handled by Untangle.
Scanned Sessions All sessions that were not bypassed.
Bypassed Sessions All sessions matching a bypass rule and bypassed.
Blocked Sessions All sessions blocked by filter rules.
Port Forwarded Sessions All sessions match a port forward rule.
NATd Sessions All sessions that have been NATd by Untangle.
All Session Minutes All sessions by minute.


Administration Reports

Report Entry Description
Admin Logins The number of total, successful, and failed admin logins over time.
Settings Changes The number of settings changes over time.
Admin Login Events All local administrator logins.
All Settings Changes All settings changes performed by an administrator.


System Reports

Report Entry Description
CPU Load The CPU load over time.
Disk Usage The disk utilization over time.
Memory Usage The amount of free memory over time.
Swap Usage The swap utilization over time as a percent of total swap size .
Swap Usage Bytes The swap utilization over time.
Highest Active Hosts The highest number of active hosts.
Server Status Events All system status events.


Application Control Lite Reports

Report Entry Description
Application Control Lite Summary A summary of Application Control Lite actions.
Detection Statistics The number of logged and blocked sessions over time.
Top Blocked Protocols The top blocked sessions by protocol.
Top Logged Protocols The top logged sessions by protocol.
Top Blocked Hosts The top blocked sessions by host.
Top Logged Hosts The top logged sessions by host.
Top Blocked Users The top blocked sessions by user.
Top Logged Users The top logged sessions by user.
All Events All sessions scanned by Application Control Lite.
Blocked Events All sessions matching an application signature and blocked.


Spam Blocker Lite Reports

Report Entry Description
Spam Blocker Lite Summary A summary of spam blocking actions for email activity.
Email Usage (all) The amount of scanned, clean, and spam email over time.
Email Usage (scanned) The amount of scanned email over time.
Email Usage (clean) The amount of clean email over time.
Email Usage (spam) The amount of spam email over time.
Spam Ratio The ratio of spam (true) to ham (false)
Top Spam Recipients The number of email addresses with spam.
Top Spam Sender Addresses The number of IP addresses sending spam.
All Email Events All emails scanned by Spam Blocker.
All Spam Events All emails marked as Spam.
Quarantined Events All emails marked as Spam and quarantined.
Tarpit Events All email sessions that were tarpitted.


Phish Blocker Reports

Report Entry Description
Phish Blocker Summary A summary of phish blocking actions for email activity.
Email Usage (all) The amount of scanned, clean, and phish email over time.
Email Usage (scanned) The amount of scanned email over time.
Email Usage (clean) The amount of clean email over time.
Email Usage (phish) The amount of phish email over time.
Phish Ratio The ratio of phish (true) to ham (false)
Top Phish Recipients The number of email addresses with phish.
Top Phish Sender Addresses The number of IP addresses sending phish.
All Email Events All email sessions scanned by Phish Blocker.
All Phish Events All email sessions detected as phishing attempts.
Quarantined Events All email sessions detected as phishing attempts and quarantined.


Tunnel VPN Reports

Report Entry Description
Tunnel VPN Summary A summary of Tunnel VPN traffic.
Hourly Tunnel Traffic The amount of Tunnel VPN traffic over time.
Top Tunnel Traffic The amount of traffic for each Tunnel VPN tunnel.
Connection Events Shows all Tunnel VPN connection events.
Tunnel Stat Events Shows all Tunnel VPN traffic statistics events.


Events Reports

Report Entry Description
Alerts Alerts over time.
Top Alerts The top alerts.
Alert Events Log of all alerts created by alert rules.


Users Reports

Report Entry Description
Users Events All updates to users in the user table.


Policy Manager Reports

Report Entry Description
Policy Manager Summary A summary of Policy Manager actions.
Top Policy Usage The amount of bandwidth per policy.
Sessions By Policy The number of sessions for each policy.
Traffic By Policy The amount of traffic for each policy.
All Events Lists all sessions with the policy manager rack that handled the session.


Threat Prevention Reports

Report Entry Description
Web Traffic Summary A summary of web Threat Prevention actions.
Non-Web Traffic Summary A summary of non-web Threat Prevention actions.
Web Top Scanned Threats The number of web scanned sessions to servers grouped by threat reputation.
Web Top Blocked Threats The number of web blocked sessions to servers grouped by threats reputation.
Web Top Scanned Categories The number of other scanned sessions to servers grouped by threat.
Web Top Blocked Categories The number of web sessions blocked grouped by threat.
Web Top Blocked Countries Top blocked web sessions to servers grouped by country.
Web Top Scanned Hosts The number of web scanned sessions grouped by server.
Web Top Blocked Hosts The number of web blocked session grouped by client.
Non-Web Top Scanned Threats (by client) The number of non-web scanned sessions from clients grouped by threat reputation.
Non-Web Top Blocked Threats (by client) The number of non-web blocked sessions from clients grouped by threat reputation.
Non-Web Top Scanned Threats (by server) The number of non-web scanned sessions to servers grouped by threat reputation.
Non-Web Top Blocked Threats (by server) The number of non-web blocked sessions to servers grouped by threat reputation.
Non-Web Top Scanned Categories (by client) The number of non-web scanned sessions from clients grouped by threat.
Non-Web Top Blocked Categories (by client) The number of non-web blocked sessions from clients grouped by threat.
Non-Web Top Scanned Categories (by server) The number of non-web scanned sessions to servers grouped by threat.
Non-Web Top Blocked Categories (by server) The number of non-web blocked sessions to servers grouped by threat.
Non-Web Top Blocked Countries (by client) Top non-web blocked sessions from clients grouped by country.
Non-Web Top Blocked Countries (by server) Top non-web blocked sessions to servers grouped by threat.
Non-Web Top Scanned Clients The number of non-web scanned session grouped by client.
Non-Web Top Blocked Clients The number of non-web blocked session grouped by client.
Non-Web Top Scanned Servers The number of non-web scanned sessions grouped by server.
Non-Web Top Blocked Server The number of non-web blocked session grouped by client.
All Web Events Shows all scanned web requests.
Blocked Web Events Shows all blocked web requests.
Non-Web All Events All non-web events scanned by Threat Prevention.
Non-Web Blocked Events Non-web events blocked by Threat Prevention.


Ad Blocker Reports

Report Entry Description
Ad Blocker Summary A summary of ad blocker actions.
Ads Blocked The amount of detected and blocked ads over time.
Top Blocked Ad Sites The number of blocked ads grouped by website.
All Ad Events All HTTP requests scanned by Ad Blocker.
Blocked Ad Events HTTP requests blocked by Ad Blocker.
Blocked Cookie Events Requests blocked by cookie filters.


WAN Balancer Reports

Report Entry Description
WAN Balancer Summary A summary of WAN Balancer actions.
Sessions By Interface The number of sessions destined to each interface.
Bytes By Interface The number of bytes destined to each interface.


Spam Blocker Reports

Report Entry Description
Spam Blocker Summary A summary of spam blocking actions for email activity.
Email Usage (all) The amount of scanned, clean, and spam email over time.
Email Usage (scanned) The amount of scanned email over time.
Email Usage (clean) The amount of clean email over time.
Email Usage (spam) The amount of spam email over time.
Spam Ratio The ratio of spam (true) to ham (false)
Top Spam Recipients The number of email addresses with spam.
Top Spam Sender Addresses The number of IP addresses sending spam.
All Email Events All emails scanned by Spam Blocker.
All Spam Events All emails marked as Spam.
Quarantined Events All emails marked as Spam and quarantined.
Tarpit Events All email sessions that were tarpitted.


IPsec VPN Reports

Report Entry Description
IPsec VPN Summary A summary of IPsec VPN actions.
Hourly Tunnel Traffic The amount of IPsec tunnel traffic over time.
Top Tunnel Traffic The amount of traffic for each IPsec tunnel.
Top Active Users The top IPsec VPN users by number of sessions.
Top Download Users The top IPsec users grouped by amount of data downloaded.
Top Upload Users The top IPsec users grouped by amount of data uploaded.
Top Protocols The top IPsec VPN connections by protocol.
L2TP/Xauth Events Shows all user L2TP/Xauth events.
Tunnel Connection Events Shows all IPsec VPN tunnel connection events.
Tunnel Traffic Events Shows all IPsec tunnel traffic statistics events.


SSL Inspector Reports

Report Entry Description
SSL Inspector Summary A summary of SSL Inspector actions.
Sessions Scanned The amount of SSL sessions over time.
Sessions Inspected The amount of inspected SSL sessions over time.
Top Inspected Sites The number of inspected sessions grouped by site.
Top Ignored Sites The number of ignored sessions grouped by site.
All Sessions All sessions detected by SSL Inspector.
Inspected Sessions Events where traffic was fully processed by the inspector, and all traffic was passed through all the other applications and services.
Ignored Sessions Events where traffic was not or could not be inspected, so the traffic was completely ignored and not analyzed by any applications or services.
Blocked Sessions Events where traffic was blocked because it did not contain a valid SSL request, and the Block Invalid Traffic option was enabled.
Untrusted Sessions Events where traffic was blocked because the server certificate could not be authenticated.
Abandoned Sessions Events where traffic was blocked due to an underlying problems with the SSL session.


Application Control Reports

Report Entry Description
Application Control Summary A summary of Application Control actions.
Top Applications Usage The amount of bandwidth per top application.
Scanned Sessions (all) The amount of scanned, flagged, and blocked sessions over time.
Scanned Sessions (flagged) The amount of flagged, and blocked sessions over time.
Scanned Sessions (blocked) The amount of flagged, and blocked sessions over time.
Top Categories (by sessions) The number of sessions grouped by category.
Top Applications (by sessions) The number of sessions grouped by application.
Top Applications (by size) The number of bytes grouped by application.
Top Flagged Applications The number of flagged sessions grouped by application.
Top Blocked Applications The number of blocked sessions grouped by application.
Top Flagged Hostnames The number of flagged sessions grouped by hostname.
Top Blocked Hostnames The number of blocked sessions grouped by hostname.
Top Flagged Clients The number of flagged sessions grouped by client.
Top Blocked Clients The number of blocked sessions grouped by client.
Top Flagged Usernames The number of flagged sessions grouped by username.
Top Blocked Usernames The number of blocked sessions grouped by username.
Classified Sessions All sessions matching an application control signature.
Flagged Sessions All sessions matching an application control signature and flagged.
Blocked Sessions All sessions matching an application control signature and blocked.
All Sessions All sessions scanned by Application Control.


Web Monitor Reports

Report Entry Description
Web Monitor Summary A summary of web monitor actions.
Web Usage The amount of total and flagged web requests over time.
Web Usage (scanned) The amount of total web requests over time.
Web Usage (flagged) The amount of flagged web requests over time.
Top Categories (by request) The number of web requests grouped by category.
Top Categories (by size) The sum of the size of requested web content grouped by category.
Top Flagged Categories The number of flagged web requests grouped by category.
Top Sites (by request) The number of web requests grouped by website.
Top Sites (by size) The sum of the size of requested web content grouped by website.
Top Flagged Sites The number of flagged web requests grouped by website.
Top Domains (by request) The number of web requests grouped by domain.
Top Domains (by size) The sum of the size of requested web content grouped by domain.
Top Flagged Domains The number of flagged web requests grouped by domain.
Top Domains Usage The amount of web requests per top domain.
Top Hostnames (by requests) The number of web requests grouped by hostname.
Top Hostnames (by size) The sum of the size of requested web content grouped by hostname.
Top Flagged Hostnames The number of flagged web request grouped by hostname.
Top Clients (by requests) The number of web requests grouped by client.
Top Clients (by size) The sum of the size of requested web content grouped by client.
Top Flagged Clients The number of flagged web request grouped by client.
Top Usernames (by requests) The number of web requests grouped by username.
Top Usernames (by size) The sum of the size of requested web content grouped by username.
Top Flagged Usernames The number of flagged web request grouped by username.
Top Content (by request) The number of web requests grouped by category.
Top Content (by size) The sum of the size of requested web content grouped by category.
Top Searches The number of non blocked, non-flagged search queries grouped by term.
Top Flagged Searches The number of flagged search queries grouped by term.
All Web Events Shows all scanned web requests.
Flagged Web Events Shows all flagged web requests.
All HTTP Events Shows all scanned unencrypted HTTP requests.
All HTTPS Events Shows all encrypted HTTPS requests.
All Search Events Shows all search queries processed by Web Monitor.
Flagged Search Events Shows flagged search queries processed by Web Monitor.


Web Cache Reports

Report Entry Description
Web Cache Summary A summary of Web Cache actions.
Cache Hit-Miss Statistics The number of cache hits, misses, and sessions bypassed over time.
Cache Size Statistics The amount of cached and uncached web data over time.
Web Cache Events All HTTP events processed by Web Cache.


Directory Connector Reports

Report Entry Description
Directory Connector Summary A summary of Directory Connector actions.
API Usage The amount of login, update and logout user notification API events over time.
API Events Events from the user notification API.


Intrusion Prevention Reports

Report Entry Description
Intrusion Prevention Summary A summary of intrusion detection and prevention actions.
Intrusion Detection (all) The amount of detected and blocked intrusions over time.
Intrusion Detection (logged) The amount of detected intrusions over time.
Intrusion Detection (blocked) The amount of blocked intrusions over time.
Top Rules (all) The number of intrusions detevted by rule.
Top Rules (logged) The number of intrusions logged by rule.
Top Rules (blocked) The number of intrusions blocked by rule.
Top Signatures (all) The number of intrusions detected by signature.
Top Signatures (logged) The number of intrusions logged by signature.
Top Signatures (blocked) The number of intrusions blocked by signature.
Top Classtypes (all) The number of intrusions detected by classtype.
Top Classtypes (logged) The number of intrusions logged by classtype.
Top Classtypes (blocked) The number of intrusions blocked by classtype.
Top Categories (all) The number of intrusions detected by category.
Top Categories (logged) The number of intrusions logged by category.
Top Categories (blocked) The number of intrusions blocked by category.
Top Source IP Addresses (all) The number of intrusions detected by source IP address.
Top Source IP Addresses (logged) The number of intrusions logged by source IP address.
Top Source IP Addresses (blocked) The number of intrusions blocked by source IP address.
Top Source Ports (all) The number of intrusions detected by source port.
Top Source Ports (logged) The number of intrusions logged by source port.
Top Source Ports (blocked) The number of intrusions blocked by source port.
Top Destination IP Addresses (all) The number of intrusions detected by destination IP address.
Top Destination IP Addresses (logged) The number of intrusions logged by destination IP address.
Top Destination IP Addresses (blocked) The number of intrusions blocked by destination IP address.
Top Destination Ports (all) The number of intrusions detected by destination port.
Top Destination Ports (logged) The number of intrusions logged by destination port.
Top Destination Ports (blocked) The number of intrusions blocked by destination port.
Top Protocols (all) The number of intrusions detected by protocol.
Top Protocols (logged) The number of intrusions logged by protocol.
Top Protocols (blocked) The number of intrusions blocked by protocol.
All Events All sessions scanned by Intrusion Prevention.
Logged Events All sessions matching Intrusion Prevention signatures and logged.
Blocked Events All sessions matching Intrusion Prevention signatures and blocked.


Devices Reports

Report Entry Description
Devices Additions The amount of devices add and removed from the device table over time.
Devices Updates The number of updates to the device table over time.
Devices Events All updates to devices in the device table.


Bandwidth Control Reports

Report Entry Description
Bandwidth Control Summary A summary of Bandwidth Control actions.
Bandwidth Usage The approximate averaged data transfer rate (total, sent, received) over time.
Top Hostnames Usage The bandwidth usage of the top hostnames.
Top Hostnames (by total bytes) The sum of the data transferred grouped by hostname.
Top Hostnames (by received bytes) The sum of the received data grouped by hostname.
Top Hostnames (by sent bytes) The sum of the sent data grouped by hostname.
Top Clients Usage The bandwidth usage of the top clients.
Top Clients (by total bytes) The sum of the data transferred grouped by client address.
Top Usernames Usage The bandwidth usage of the top usernames.
Top Usernames (by total bytes) The sum of the data transferred grouped by username.
Top Server Port Usage The bandwidth usage by top server port.
Top Ports (by total bytes) The sum of the data transferred grouped by server port.
Top Ports (by received bytes) The sum of the data received grouped by server port.
Top Ports (by sent bytes) The sum of the data sent grouped by server port.
Top Applications Usage The bandwidth usage of the top applications.
Top Application (by total bytes) The sum of the data transferred grouped by Application Control application.
Top Application (by received bytes) The sum of the data sent grouped by Application Control application.
Top Application (by sent bytes) The sum of the data sent grouped by Application Control application.
Top Categories Usage The bandwidth usage of the top application categories.
Top Category (by total bytes) The sum of the data transferred grouped by Application Control category.
Top Priorities Usage The bandwidth usage by priority.
Top Priorities (by total bytes) The sum of the data transferred grouped by priority.
Top Countries Usage The bandwidth usage by top countries.
Top Countries (by total bytes) The sum of the data transferred grouped by country.
Bypassed (by total bytes) The sum of the data transferred grouped by bypassed.
All Sessions All sessions processed by Bandwidth Control.
Quota Events Shows when quotas are assigned or expired.
Prioritized Sessions All sessions prioritized by Bandwidth Control.


Hosts Reports

Report Entry Description
Hosts Active The amount of active hosts by time.
Hosts Additions The amount of hosts add and removed from the host table over time.
Hosts Updates The number of updates to the host table over time.
Hosts Events All updates to hosts in the host table.
Penalty Box Events Shows when hosts are tagged with penalty-box or have the tag removed.


Web Filter Reports

Report Entry Description
Web Filter Summary A summary of web filter actions.
Web Usage The amount of total, flagged, and blocked web requests over time.
Web Usage (scanned) The amount of total, flagged, and blocked web requests over time.
Web Usage (flagged) The amount of flagged, and blocked web requests over time.
Web Usage (blocked) The amount of flagged, and blocked web requests over time.
Top Categories (by request) The number of web requests grouped by category.
Top Categories (by size) The sum of the size of requested web content grouped by category.
Top Flagged Categories The number of flagged web requests grouped by category.
Top Blocked Categories The number of blocked web requests grouped by category.
Top Sites (by request) The number of web requests grouped by website.
Top Sites (by size) The sum of the size of requested web content grouped by website.
Top Flagged Sites The number of flagged web requests grouped by website.
Top Blocked Sites The number of blocked web requests grouped by website.
Top Domains (by request) The number of web requests grouped by domain.
Top Domains (by size) The sum of the size of requested web content grouped by domain.
Top Flagged Domains The number of flagged web requests grouped by domain.
Top Blocked Domains The number of blocked web requests grouped by domain.
Top Domains Usage The amount of web requests per top domain.
Top Hostnames (by requests) The number of web requests grouped by hostname.
Top Hostnames (by size) The sum of the size of requested web content grouped by hostname.
Top Flagged Hostnames The number of flagged web request grouped by hostname.
Top Blocked Hostnames The number of blocked web request grouped by hostname.
Top Clients (by requests) The number of web requests grouped by client.
Top Clients (by size) The sum of the size of requested web content grouped by client.
Top Flagged Clients The number of flagged web request grouped by client.
Top Blocked Clients The number of blocked web request grouped by client.
Top Usernames (by requests) The number of web requests grouped by username.
Top Usernames (by size) The sum of the size of requested web content grouped by username.
Top Flagged Usernames The number of flagged web request grouped by username.
Top Blocked Usernames The number of blocked web request grouped by username.
Top Content (by request) The number of web requests grouped by category.
Top Content (by size) The sum of the size of requested web content grouped by category.
Top Searches The number of non blocked, non-flagged search queries grouped by term.
Top Flagged Searches The number of flagged search queries grouped by term.
Top Blocked Searches The number of blocked search queries grouped by term.
All Web Events Shows all scanned web requests.
Flagged Web Events Shows all flagged web requests.
Blocked Web Events Shows all blocked web requests.
All HTTP Events Shows all scanned unencrypted HTTP requests.
All HTTPS Events Shows all encrypted HTTPS requests.
Unblocked Web Events Shows all unblocked web requests
All Search Events Shows all search queries processed by Web Filter.
Flagged Search Events Shows flagged search queries processed by Web Filter.
Blocked Search Events Shows blocked search queries processed by Web Filter.


Virus Blocker Reports

Report Entry Description
Virus Blocker Web Summary A summary of virus blocking actions for web activity.
Virus Blocker FTP Summary A summary of virus blocking actions for FTP activity.
Virus Blocker Email Summary A summary of virus blocking actions for Email activity.
Web Usage (all) The amount of scanned and blocked web requests over time.
Web Usage (scanned) The amount of scanned web requests over time.
Web Usage (blocked) The amount of blocked web requests over time.
Web Top Blocked Viruses The top web virus blocked.
Web Top Blocked Clients The top web clients by blocked virus count.
Web Top Blocked Sites The top web sites by blocked virus count.
Web Top Scanned Sites The top web sites by scan count.
FTP Usage (all) The amount of scanned and blocked FTP requests over time.
FTP Usage (scanned) The amount of scanned FTP requests over time.
FTP Usage (blocked) The amount of blocked FTP requests over time.
FTP Top Blocked Viruses The number of blocked viruses by FTP activity.
FTP Top Blocked Clients The number of clients with blocked viruses by FTP activity.
FTP Top Blocked Sites The number of clients with blocked viruses by FTP activity.
Email Usage (all) The amount of scanned and blocked email over time.
Email Usage (scanned) The amount of scanned email over time.
Email Usage (blocked) The amount of blocked email over time.
Email Top Blocked Viruses The number of blocked viruses by Email activity.
Email Top Blocked Clients The number of clients with blocked viruses by Email activity.
Email Top Blocked Sites The number of clients with blocked viruses by Email activity.
Scanned Web Events All HTTP sessions scanned by Virus Blocker.
Infected Web Events Infected HTTP sessions blocked by Virus Blocker.
Clean Web Events Scanned HTTP sessions marked clean.
Scanned Email Events All email sessions scanned by Virus Blocker.
Infected Email Events Infected email sessions blocked by Virus Blocker.
Clean Email Events Scanned email sessions marked clean.
Scanned Ftp Events All FTP sessions scanned by Virus Blocker.
Infected Ftp Events Infected FTP sessions blocked by Virus Blocker.
Clean Ftp Events Scanned FTP sessions marked clean.


Virus Blocker Lite Reports

Report Entry Description
Virus Blocker Lite Web Summary A summary of virus blocking actions for web activity.
Virus Blocker Lite FTP Summary A summary of virus blocking actions for FTP activity.
Virus Blocker Lite Email Summary A summary of virus blocking actions for Email activity.
Web Usage (all) The amount of scanned and blocked web requests over time.
Web Usage (scanned) The amount of scanned web requests over time.
Web Usage (blocked) The amount of blocked web requests over time.
Web Top Blocked Viruses The top web virus blocked.
Web Top Blocked Clients The top web clients by blocked virus count.
Web Top Blocked Sites The top web sites by blocked virus count.
Web Top Scanned Sites The top web sites by scan count.
FTP Usage (all) The amount of scanned and blocked FTP requests over time.
FTP Usage (scanned) The amount of scanned FTP requests over time.
FTP Usage (blocked) The amount of blocked FTP requests over time.
FTP Top Blocked Viruses The number of blocked viruses by FTP activity.
FTP Top Blocked Clients The number of clients with blocked viruses by FTP activity.
FTP Top Blocked Sites The number of clients with blocked viruses by FTP activity.
Email Usage (all) The amount of scanned and blocked email over time.
Email Usage (scanned) The amount of scanned email over time.
Email Usage (blocked) The amount of blocked email over time.
Email Top Blocked Viruses The number of blocked viruses by Email activity.
Email Top Blocked Clients The number of clients with blocked viruses by Email activity.
Email Top Blocked Sites The number of clients with blocked viruses by Email activity.
Scanned Web Events All HTTP sessions scanned by Virus Blocker Lite.
Infected Web Events Infected HTTP sessions blocked by Virus Blocker Lite.
Clean Web Events Scanned HTTP sessions marked clean.
Scanned Email Events All email sessions scanned by Virus Blocker Lite.
Infected Email Events Infected email sessions blocked by Virus Blocker Lite.
Clean Email Events Scanned email sessions marked clean.
Scanned Ftp Events All FTP sessions scanned by Virus Blocker Lite.
Infected Ftp Events Infected FTP sessions blocked by Virus Blocker Lite.
Clean Ftp Events Scanned FTP sessions marked clean.


Shield Reports

Report Entry Description
Scanned Sessions The amount of scanned and blocked sessions over time.
Blocked Sessions The amount of blocked sessions over time.
Top Blocked Usernames The number of blocked sessions grouped by username.
Top Blocked Clients The number of blocked sessions grouped by client.
Top Blocked Ports The number of blocked sessions grouped by server port.
Top Blocked Servers The number of blocked sessions grouped by server.
Top Blocked Hostnames The number of blocked sessions grouped by hostname.
Scanned Session Events All sessions scanned by Shield.
Blocked Session Events All sessions blocked by Shield.


Firewall Reports

Report Entry Description
Firewall Summary A summary of firewall actions.
Scanned Sessions The amount of scanned, flagged, and blocked sessions over time.
Top Scanned Hostnames The number of scanned session grouped by hostname.
Top Flagged Hostnames The number of flagged session grouped by hostname.
Top Blocked Hostnames The number of blocked sessions grouped by hostname.
Top Scanned Clients The number of scanned session grouped by client.
Top Flagged Clients The number of flagged session grouped by client.
Top Blocked Clients The number of blocked session grouped by client.
Top Scanned Usernames The number of scanned session grouped by username.
Top Flagged Usernames The number of flagged session grouped by username.
Top Blocked Usernames The number of blocked session grouped by username.
Top Scanned Server Ports The number of scanned session grouped by server (destination) port.
Top Flagged Server Ports The number of flagged session grouped by server (destination) port.
Top Blocked Server Ports The number of blocked session grouped by server (destination) port.
All Events All events scanned by Firewall App.
Flagged Events Events flagged by Firewall App.
Blocked Events Events blocked by Firewall App.


OpenVPN Reports

Report Entry Description
OpenVPN Summary A summary of OpenVPN actions.
OpenVPN Bandwidth Usage The approximate amount of data transfered over openvpn connections.
OpenVPN Events The amount of login and logout events over time.
OpenVPN Sessions The amount of openvpn sessions over time.
Top Clients (by usage) The number of bytes transferred grouped by remote client.
Connection Events OpenVPN client connection events.
Statistic Events Shows all OpenVPN connection traffic statistics events.


WAN Failover Reports

Report Entry Description
WAN Failover Summary A summary of WAN Failover actions.
WAN Disconnect Events The number of disconnect events grouped by WAN.
WAN Interface Outages The fails tests of each interface over time.
Outage Events Events where the failure threshold was exceeded and the WAN was considered offline.
Test Events All test events and their outcome.
Failed Test Events All tests that resulted in failure.
Success Test Events All tests that resulted in success.