All Reports: Difference between revisions

From Edge Threat Management Wiki - Arista
Jump to navigationJump to search
No edit summary
 
 
(10 intermediate revisions by 4 users not shown)
Line 1: Line 1:
This page lists all of the reports available in each application or system within Untangle.


== Captive Portal Reports ==
== Captive Portal Reports ==  
<section begin='Captive Portal' />
<section begin='Captive Portal' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
|-
|-
| width="25%" | Captive Portal Summary
| width="25%" | Captive Portal Summary
| width="60%" | A summary of Application Control actions.
| width="60%" | A summary of Captive Portal actions.
|-
|-
| width="25%" | Activity Summary
| width="25%" | Activity Summary
Line 19: Line 18:
| width="60%" | The top clients that were blocked by Captive Portal because they were not logged in.
| width="60%" | The top clients that were blocked by Captive Portal because they were not logged in.
|-
|-
|}
| width="25%" | All Session Events
<section end='Captive Portal' />
| width="60%" | All sessions processed by Captive Portal.
 
|-
 
| width="25%" | Passed Session Events
== SSL Inspector Reports ==
| width="60%" | Sessions matching passed hosts.
<section begin='SSL Inspector' />
|-
{| border="1" cellpadding="2" width="85%%" align="center"
| width="25%" | Captured Session Events
!Report Entry
| width="60%" | Sessions matching capture rules.
!Description
|-
| width="25%" | All User Events
| width="60%" | All user sessions processed by Captive Portal.
|-
| width="25%" | Login Success User Events
| width="60%" | Successful logins to Captive Portal.
|-
|-
| width="25%" | HTTPS Inspector Summary
| width="25%" | Login Failure User Events
| width="60%" | A summary of HTTPS Inspector actions.
| width="60%" | Failed logins to Captive Portal.
|-
|-
| width="25%" | Scanned Sessions
| width="25%" | Session Timeout User Events
| width="60%" | The amount of SSL sessions over time.
| width="60%" | Sessions that reached the session timeout.
|-
|-
| width="25%" | Inspected Sessions
| width="25%" | Idle Timeout User Events
| width="60%" | The amount of inspected SSL sessions over time.
| width="60%" | Sessions that reached the idle timeout.
|-
|-
| width="25%" | Top Inspected Sites
| width="25%" | User Logout User Events
| width="60%" | The number of inspected sessions grouped by site.
| width="60%" | All user logout events.
|-
|-
| width="25%" | Top Ignored Sites
| width="25%" | Admin Logout User Events
| width="60%" | The number of ignored sessions grouped by site.
| width="60%" | Sessions logged off by the admin.
|-
|-
|}
|}
<section end='HTTPS Inspector' />
<section end='Captive Portal' />




== Configuration Backup Reports ==
== Configuration Backup Reports ==  
<section begin='Configuration Backup' />
<section begin='Configuration Backup' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 65: Line 69:
| width="25%" | Backup Usage (failed)
| width="25%" | Backup Usage (failed)
| width="60%" | The amount of failed configuration backups over time.
| width="60%" | The amount of failed configuration backups over time.
|-
| width="25%" | Backup Events
| width="60%" | All Configuration Backup events.
|-
|-
|}
|}
Line 70: Line 77:




== Network Reports ==
== Network Reports ==  
<section begin='Network' />
<section begin='Network' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
|-
| width="25%" | Network Summary
| width="60%" | A summary of network traffic.
|-
| width="25%" | Data Usage (by interface)
| width="60%" | The total data usage by interface.
|-
| width="25%" | Data Usage per Day (by interface)
| width="60%" | The data usage of each interface by day
|-
| width="25%" | Data Rx-Usage (by interface)
| width="60%" | The total received data usage by interface.
|-
| width="25%" | Data Tx-Usage (by interface)
| width="60%" | The total received data usage by interface.
|-
|-
| width="25%" | Sessions
| width="25%" | Sessions
Line 86: Line 108:
|-
|-
| width="25%" | Bandwidth Usage
| width="25%" | Bandwidth Usage
| width="60%" | The approximate averaged data transfer rate (total, sent, received) over time grouped by session creation time.
| width="60%" | The approximate averaged data transfer rate (total, sent, received) over time.
|-
|-
| width="25%" | Top Client Addresses
| width="25%" | Top Client Addresses
| width="60%" | The number of sessions grouped by client (source) address.
| width="60%" | The number of sessions grouped by client (source) address.
|-
| width="25%" | Top Server Addresses
| width="60%" | The number of sessions grouped by server (destination) address.
|-
|-
| width="25%" | Top Server Ports
| width="25%" | Top Server Ports
Line 96: Line 121:
| width="25%" | Top IP Protocols
| width="25%" | Top IP Protocols
| width="60%" | The number of sessions grouped by IP protocol number.
| width="60%" | The number of sessions grouped by IP protocol number.
|-
| width="25%" | Top Server Countries
| width="60%" | The number of sessions grouped by server (destination) country.
|-
| width="25%" | Interface Usage
| width="60%" | The RX rate of each interface over time.
|-
| width="25%" | All Sessions
| width="60%" | All sessions handled by Untangle.
|-
| width="25%" | Scanned Sessions
| width="60%" | All sessions that were not bypassed.
|-
| width="25%" | Bypassed Sessions
| width="60%" | All sessions matching a bypass rule and bypassed.
|-
| width="25%" | Blocked Sessions
| width="60%" | All sessions blocked by filter rules.
|-
| width="25%" | Port Forwarded Sessions
| width="60%" | All sessions match a port forward rule.
|-
| width="25%" | NATd Sessions
| width="60%" | All sessions that have been NATd by Untangle.
|-
| width="25%" | All Session Minutes
| width="60%" | All sessions by minute.
|-
|-
|}
|}
Line 101: Line 153:




== Administration Reports ==
== Administration Reports ==  
<section begin='Administration' />
<section begin='Administration' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 112: Line 164:
| width="25%" | Settings Changes
| width="25%" | Settings Changes
| width="60%" | The number of settings changes over time.
| width="60%" | The number of settings changes over time.
|-
| width="25%" | Admin Login Events
| width="60%" | All local administrator logins.
|-
| width="25%" | All Settings Changes
| width="60%" | All settings changes performed by an administrator.
|-
|-
|}
|}
Line 117: Line 175:




== System Reports ==
== System Reports ==  
<section begin='System' />
<section begin='System' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 133: Line 191:
|-
|-
| width="25%" | Swap Usage
| width="25%" | Swap Usage
| width="60%" | The swap utilization over time as a percent of total swap size .
|-
| width="25%" | Swap Usage Bytes
| width="60%" | The swap utilization over time.
| width="60%" | The swap utilization over time.
|-
| width="25%" | Highest Active Hosts
| width="60%" | The highest number of active hosts.
|-
| width="25%" | Server Status Events
| width="60%" | All system status events.
|-
|-
|}
|}
Line 139: Line 206:




== Application Control Lite Reports ==
== Application Control Lite Reports ==  
<section begin='Application Control Lite' />
<section begin='Application Control Lite' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 168: Line 235:
| width="25%" | Top Logged Users
| width="25%" | Top Logged Users
| width="60%" | The top logged sessions by user.
| width="60%" | The top logged sessions by user.
|-
| width="25%" | All Events
| width="60%" | All sessions scanned by Application Control Lite.
|-
| width="25%" | Blocked Events
| width="60%" | All sessions matching an application signature and blocked.
|-
|-
|}
|}
Line 173: Line 246:




== Spam Blocker Lite Reports ==
== Spam Blocker Lite Reports ==  
<section begin='Spam Blocker Lite' />
<section begin='Spam Blocker Lite' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 202: Line 275:
| width="25%" | Top Spam Sender Addresses
| width="25%" | Top Spam Sender Addresses
| width="60%" | The number of IP addresses sending spam.
| width="60%" | The number of IP addresses sending spam.
|-
| width="25%" | All Email Events
| width="60%" | All emails scanned by Spam Blocker.
|-
| width="25%" | All Spam Events
| width="60%" | All emails marked as Spam.
|-
| width="25%" | Quarantined Events
| width="60%" | All emails marked as Spam and quarantined.
|-
| width="25%" | Tarpit Events
| width="60%" | All email sessions that were tarpitted.
|-
|-
|}
|}
Line 207: Line 292:




== Phish Blocker Reports ==
== Phish Blocker Reports ==  
<section begin='Phish Blocker' />
<section begin='Phish Blocker' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 236: Line 321:
| width="25%" | Top Phish Sender Addresses
| width="25%" | Top Phish Sender Addresses
| width="60%" | The number of IP addresses sending phish.
| width="60%" | The number of IP addresses sending phish.
|-
| width="25%" | All Email Events
| width="60%" | All email sessions scanned by Phish Blocker.
|-
| width="25%" | All Phish Events
| width="60%" | All email sessions detected as phishing attempts.
|-
| width="25%" | Quarantined Events
| width="60%" | All email sessions detected as phishing attempts and quarantined.
|-
|-
|}
|}
Line 241: Line 335:




== Policy Manager Reports ==
== Tunnel VPN Reports ==
<section begin='Tunnel VPN' />
{| border="1" cellpadding="2" width="85%%" align="center"
!Report Entry
!Description
|-
| width="25%" | Tunnel VPN Summary
| width="60%" | A summary of Tunnel VPN traffic.
|-
| width="25%" | Hourly Tunnel Traffic
| width="60%" | The amount of Tunnel VPN traffic over time.
|-
| width="25%" | Top Tunnel Traffic
| width="60%" | The amount of traffic for each Tunnel VPN tunnel.
|-
| width="25%" | Connection Events
| width="60%" | Shows all Tunnel VPN connection events.
|-
| width="25%" | Tunnel Stat Events
| width="60%" | Shows all Tunnel VPN traffic statistics events.
|-
|}
<section end='Tunnel VPN' />
 
 
== Events Reports ==
<section begin='Events' />
{| border="1" cellpadding="2" width="85%%" align="center"
!Report Entry
!Description
|-
| width="25%" | Alerts
| width="60%" | Alerts over time.
|-
| width="25%" | Top Alerts
| width="60%" | The top alerts.
|-
| width="25%" | Alert Events
| width="60%" | Log of all alerts created by alert rules.
|-
|}
<section end='Events' />
 
 
== Users Reports ==
<section begin='Users' />
{| border="1" cellpadding="2" width="85%%" align="center"
!Report Entry
!Description
|-
| width="25%" | Users Events
| width="60%" | All updates to users in the user table.
|-
|}
<section end='Users' />
 
 
== Policy Manager Reports ==  
<section begin='Policy Manager' />
<section begin='Policy Manager' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 249: Line 400:
| width="25%" | Policy Manager Summary
| width="25%" | Policy Manager Summary
| width="60%" | A summary of Policy Manager actions.
| width="60%" | A summary of Policy Manager actions.
|-
| width="25%" | Top Policy Usage
| width="60%" | The amount of bandwidth per policy.
|-
|-
| width="25%" | Sessions By Policy
| width="25%" | Sessions By Policy
Line 255: Line 409:
| width="25%" | Traffic By Policy
| width="25%" | Traffic By Policy
| width="60%" | The amount of traffic for each policy.
| width="60%" | The amount of traffic for each policy.
|-
| width="25%" | All Events
| width="60%" | Lists all sessions with the Policy Manager policy that handled the session.
|-
|-
|}
|}
<section end='Policy Manager' />
<section end='Policy Manager' />
== Threat Prevention Reports ==
<section begin='Threat Prevention' />
{| border="1" cellpadding="2" width="85%%" align="center"
!Report Entry
!Description
|-
| width="25%" | Web Traffic Summary
| width="60%" | A summary of web Threat Prevention actions.
|-
| width="25%" | Non-Web Traffic Summary
| width="60%" | A summary of non-web Threat Prevention actions.
|-
| width="25%" | Web Top Scanned Threats
| width="60%" | The number of web scanned sessions to servers grouped by threat reputation.
|-
| width="25%" | Web Top Blocked Threats
| width="60%" | The number of web blocked sessions to servers grouped by threats reputation.
|-
| width="25%" | Web Top Scanned Categories
| width="60%" | The number of other scanned sessions to servers grouped by threat.
|-
| width="25%" | Web Top Blocked Categories
| width="60%" | The number of web sessions blocked grouped by threat.
|-
| width="25%" | Web Top Blocked Countries
| width="60%" | Top blocked web sessions to servers grouped by country.
|-
| width="25%" | Web Top Scanned Hosts
| width="60%" | The number of web scanned sessions grouped by server.
|-
| width="25%" | Web Top Blocked Hosts
| width="60%" | The number of web blocked session grouped by client.
|-
| width="25%" | Non-Web Top Scanned Threats (by client)
| width="60%" | The number of non-web scanned sessions from clients grouped by threat reputation.
|-
| width="25%" | Non-Web Top Blocked Threats (by client)
| width="60%" | The number of non-web blocked sessions from clients grouped by threat reputation.
|-
| width="25%" | Non-Web Top Scanned Threats (by server)
| width="60%" | The number of non-web scanned sessions to servers grouped by threat reputation.
|-
| width="25%" | Non-Web Top Blocked Threats (by server)
| width="60%" | The number of non-web blocked sessions to servers grouped by threat reputation.
|-
| width="25%" | Non-Web Top Scanned Categories (by client)
| width="60%" | The number of non-web scanned sessions from clients grouped by threat.
|-
| width="25%" | Non-Web Top Blocked Categories (by client)
| width="60%" | The number of non-web blocked sessions from clients grouped by threat.
|-
| width="25%" | Non-Web Top Scanned Categories (by server)
| width="60%" | The number of non-web scanned sessions to servers grouped by threat.
|-
| width="25%" | Non-Web Top Blocked Categories (by server)
| width="60%" | The number of non-web blocked sessions to servers grouped by threat.
|-
| width="25%" | Non-Web Top Blocked Countries (by client)
| width="60%" | Top non-web blocked sessions from clients grouped by country.
|-
| width="25%" | Non-Web Top Blocked Countries (by server)
| width="60%" | Top non-web blocked sessions to servers grouped by threat.
|-
| width="25%" | Non-Web Top Scanned Clients
| width="60%" | The number of non-web scanned session grouped by client.
|-
| width="25%" | Non-Web Top Blocked Clients
| width="60%" | The number of non-web blocked session grouped by client.
|-
| width="25%" | Non-Web Top Scanned Servers
| width="60%" | The number of non-web scanned sessions grouped by server.
|-
| width="25%" | Non-Web Top Blocked Server
| width="60%" | The number of non-web blocked session grouped by client.
|-
| width="25%" | All Web Events
| width="60%" | Shows all scanned web requests.
|-
| width="25%" | Blocked Web Events
| width="60%" | Shows all blocked web requests.
|-
| width="25%" | Non-Web All Events
| width="60%" | All non-web events scanned by Threat Prevention.
|-
| width="25%" | Non-Web Blocked Events
| width="60%" | Non-web events blocked by Threat Prevention.
|-
|}
<section end='Threat Prevention' />




== Ad Blocker Reports ==
== Ad Blocker Reports ==  
<section begin='Ad Blocker' />
<section begin='Ad Blocker' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 274: Line 521:
| width="25%" | Top Blocked Ad Sites
| width="25%" | Top Blocked Ad Sites
| width="60%" | The number of blocked ads grouped by website.
| width="60%" | The number of blocked ads grouped by website.
|-
| width="25%" | All Ad Events
| width="60%" | All HTTP requests scanned by Ad Blocker.
|-
| width="25%" | Blocked Ad Events
| width="60%" | HTTP requests blocked by Ad Blocker.
|-
| width="25%" | Blocked Cookie Events
| width="60%" | Requests blocked by cookie filters.
|-
|-
|}
|}
Line 279: Line 535:




== WAN Balancer Reports ==
== WAN Balancer Reports ==  
<section begin='WAN Balancer' />
<section begin='WAN Balancer' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 298: Line 554:




== Spam Blocker Reports ==
== Spam Blocker Reports ==  
<section begin='Spam Blocker' />
<section begin='Spam Blocker' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 327: Line 583:
| width="25%" | Top Spam Sender Addresses
| width="25%" | Top Spam Sender Addresses
| width="60%" | The number of IP addresses sending spam.
| width="60%" | The number of IP addresses sending spam.
|-
| width="25%" | All Email Events
| width="60%" | All emails scanned by Spam Blocker.
|-
| width="25%" | All Spam Events
| width="60%" | All emails marked as Spam.
|-
| width="25%" | Quarantined Events
| width="60%" | All emails marked as Spam and quarantined.
|-
| width="25%" | Tarpit Events
| width="60%" | All email sessions that were tarpitted.
|-
|-
|}
|}
Line 332: Line 600:




== Application Control Reports ==
== IPsec VPN Reports ==
<section begin='IPsec VPN' />
{| border="1" cellpadding="2" width="85%%" align="center"
!Report Entry
!Description
|-
| width="25%" | IPsec VPN Summary
| width="60%" | A summary of IPsec VPN actions.
|-
| width="25%" | Hourly Tunnel Traffic
| width="60%" | The amount of IPsec tunnel traffic over time.
|-
| width="25%" | Top Tunnel Traffic
| width="60%" | The amount of traffic for each IPsec tunnel.
|-
| width="25%" | Top Active Users
| width="60%" | The top IPsec VPN users by number of sessions.
|-
| width="25%" | Top Download Users
| width="60%" | The top IPsec users grouped by amount of data downloaded.
|-
| width="25%" | Top Upload Users
| width="60%" | The top IPsec users grouped by amount of data uploaded.
|-
| width="25%" | Top Protocols
| width="60%" | The top IPsec VPN connections by protocol.
|-
| width="25%" | L2TP/Xauth Events
| width="60%" | Shows all user L2TP/Xauth events.
|-
| width="25%" | Tunnel Connection Events
| width="60%" | Shows all IPsec VPN tunnel connection events.
|-
| width="25%" | Tunnel Traffic Events
| width="60%" | Shows all IPsec tunnel traffic statistics events.
|-
|}
<section end='IPsec VPN' />
 
 
== SSL Inspector Reports ==
<section begin='SSL Inspector' />
{| border="1" cellpadding="2" width="85%%" align="center"
!Report Entry
!Description
|-
| width="25%" | SSL Inspector Summary
| width="60%" | A summary of SSL Inspector actions.
|-
| width="25%" | Sessions Scanned
| width="60%" | The amount of SSL sessions over time.
|-
| width="25%" | Sessions Inspected
| width="60%" | The amount of inspected SSL sessions over time.
|-
| width="25%" | Top Inspected Sites
| width="60%" | The number of inspected sessions grouped by site.
|-
| width="25%" | Top Ignored Sites
| width="60%" | The number of ignored sessions grouped by site.
|-
| width="25%" | All Sessions
| width="60%" | All sessions detected by SSL Inspector.
|-
| width="25%" | Inspected Sessions
| width="60%" | Events where traffic was fully processed by the inspector, and all traffic was passed through all the other applications and services.
|-
| width="25%" | Ignored Sessions
| width="60%" | Events where traffic was not or could not be inspected, so the traffic was completely ignored and not analyzed by any applications or services.
|-
| width="25%" | Blocked Sessions
| width="60%" | Events where traffic was blocked because it did not contain a valid SSL request, and the Block Invalid Traffic option was enabled.
|-
| width="25%" | Untrusted Sessions
| width="60%" | Events where traffic was blocked because the server certificate could not be authenticated.
|-
| width="25%" | Abandoned Sessions
| width="60%" | Events where traffic was blocked due to an underlying problems with the SSL session.
|-
|}
<section end='SSL Inspector' />
 
 
== Application Control Reports ==  
<section begin='Application Control' />
<section begin='Application Control' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 340: Line 691:
| width="25%" | Application Control Summary
| width="25%" | Application Control Summary
| width="60%" | A summary of Application Control actions.
| width="60%" | A summary of Application Control actions.
|-
| width="25%" | Top Applications Usage
| width="60%" | The amount of bandwidth per top application.
|-
|-
| width="25%" | Scanned Sessions (all)
| width="25%" | Scanned Sessions (all)
Line 349: Line 703:
| width="25%" | Scanned Sessions (blocked)
| width="25%" | Scanned Sessions (blocked)
| width="60%" | The amount of flagged, and blocked sessions over time.
| width="60%" | The amount of flagged, and blocked sessions over time.
|-
| width="25%" | Top Categories (by sessions)
| width="60%" | The number of sessions grouped by category.
|-
|-
| width="25%" | Top Applications (by sessions)
| width="25%" | Top Applications (by sessions)
Line 379: Line 736:
| width="25%" | Top Blocked Usernames
| width="25%" | Top Blocked Usernames
| width="60%" | The number of blocked sessions grouped by username.
| width="60%" | The number of blocked sessions grouped by username.
|-
| width="25%" | Classified Sessions
| width="60%" | All sessions matching an application control signature.
|-
| width="25%" | Flagged Sessions
| width="60%" | All sessions matching an application control signature and flagged.
|-
| width="25%" | Blocked Sessions
| width="60%" | All sessions matching an application control signature and blocked.
|-
| width="25%" | All Sessions
| width="60%" | All sessions scanned by Application Control.
|-
|-
|}
|}
Line 384: Line 753:




== Web Cache Reports ==
== Web Monitor Reports ==
<section begin='Web Monitor' />
{| border="1" cellpadding="2" width="85%%" align="center"
!Report Entry
!Description
|-
| width="25%" | Web Monitor Summary
| width="60%" | A summary of web monitor actions.
|-
| width="25%" | Web Usage
| width="60%" | The amount of total and flagged web requests over time.
|-
| width="25%" | Web Usage (scanned)
| width="60%" | The amount of total web requests over time.
|-
| width="25%" | Web Usage (flagged)
| width="60%" | The amount of flagged web requests over time.
|-
| width="25%" | Top Categories (by request)
| width="60%" | The number of web requests grouped by category.
|-
| width="25%" | Top Categories (by size)
| width="60%" | The sum of the size of requested web content grouped by category.
|-
| width="25%" | Top Flagged Categories
| width="60%" | The number of flagged web requests grouped by category.
|-
| width="25%" | Top Sites (by request)
| width="60%" | The number of web requests grouped by website.
|-
| width="25%" | Top Sites (by size)
| width="60%" | The sum of the size of requested web content grouped by website.
|-
| width="25%" | Top Flagged Sites
| width="60%" | The number of flagged web requests grouped by website.
|-
| width="25%" | Top Domains (by request)
| width="60%" | The number of web requests grouped by domain.
|-
| width="25%" | Top Domains (by size)
| width="60%" | The sum of the size of requested web content grouped by domain.
|-
| width="25%" | Top Flagged Domains
| width="60%" | The number of flagged web requests grouped by domain.
|-
| width="25%" | Top Domains Usage
| width="60%" | The amount of web requests per top domain.
|-
| width="25%" | Top Hostnames (by requests)
| width="60%" | The number of web requests grouped by hostname.
|-
| width="25%" | Top Hostnames (by size)
| width="60%" | The sum of the size of requested web content grouped by hostname.
|-
| width="25%" | Top Flagged Hostnames
| width="60%" | The number of flagged web request grouped by hostname.
|-
| width="25%" | Top Clients (by requests)
| width="60%" | The number of web requests grouped by client.
|-
| width="25%" | Top Clients (by size)
| width="60%" | The sum of the size of requested web content grouped by client.
|-
| width="25%" | Top Flagged Clients
| width="60%" | The number of flagged web request grouped by client.
|-
| width="25%" | Top Usernames (by requests)
| width="60%" | The number of web requests grouped by username.
|-
| width="25%" | Top Usernames (by size)
| width="60%" | The sum of the size of requested web content grouped by username.
|-
| width="25%" | Top Flagged Usernames
| width="60%" | The number of flagged web request grouped by username.
|-
| width="25%" | Top Content (by request)
| width="60%" | The number of web requests grouped by category.
|-
| width="25%" | Top Content (by size)
| width="60%" | The sum of the size of requested web content grouped by category.
|-
| width="25%" | Top Searches
| width="60%" | The number of non blocked, non-flagged search queries grouped by term.
|-
| width="25%" | Top Flagged Searches
| width="60%" | The number of flagged search queries grouped by term.
|-
| width="25%" | All Web Events
| width="60%" | Shows all scanned web requests.
|-
| width="25%" | Flagged Web Events
| width="60%" | Shows all flagged web requests.
|-
| width="25%" | All HTTP Events
| width="60%" | Shows all scanned unencrypted HTTP requests.
|-
| width="25%" | All HTTPS Events
| width="60%" | Shows all encrypted HTTPS requests.
|-
| width="25%" | All Search Events
| width="60%" | Shows all search queries processed by Web Monitor.
|-
| width="25%" | Flagged Search Events
| width="60%" | Shows flagged search queries processed by Web Monitor.
|-
|}
<section end='Web Monitor' />
 
 
== Web Cache Reports ==  
<section begin='Web Cache' />
<section begin='Web Cache' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 393: Line 871:
| width="60%" | A summary of Web Cache actions.
| width="60%" | A summary of Web Cache actions.
|-
|-
| width="25%" | Cache Hit/Miss Statistics
| width="25%" | Cache Hit-Miss Statistics
| width="60%" | The number of cache hits, misses, and sessions bypassed over time.
| width="60%" | The number of cache hits, misses, and sessions bypassed over time.
|-
|-
| width="25%" | Cache Size Statistics
| width="25%" | Cache Size Statistics
| width="60%" | The amount of cached and uncached web data over time.
| width="60%" | The amount of cached and uncached web data over time.
|-
| width="25%" | Web Cache Events
| width="60%" | All HTTP events processed by Web Cache.
|-
|-
|}
|}
Line 403: Line 884:




== IPsec VPN Reports ==
== Directory Connector Reports ==  
<section begin='IPsec VPN' />
<section begin='Directory Connector' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
|-
|-
| width="25%" | IPsec VPN Summary
| width="25%" | Directory Connector Summary
| width="60%" | A summary of IPsec VPN actions.
| width="60%" | A summary of Directory Connector actions.
|-
|-
| width="25%" | Hourly Tunnel Traffic
| width="25%" | API Usage
| width="60%" | The amount of IPsec tunnel traffic over time.
| width="60%" | The amount of login, update and logout user notification API events over time.
|-
| width="25%" | Top Tunnel Traffic
| width="60%" | The amount of traffic for each IPsec tunnel.
|-
| width="25%" | Top Active Users
| width="60%" | The top IPsec VPN users by number of sessions.
|-
| width="25%" | Top Download Users
| width="60%" | The top IPsec users grouped by amount of data downloaded.
|-
|-
| width="25%" | Top Upload Users
| width="25%" | API Events
| width="60%" | The top IPsec users grouped by amount of data uploaded.
| width="60%" | Events from the user notification API.
|-
| width="25%" | Top Protocols
| width="60%" | The top IPsec VPN connections by protocol.
|-
|-
|}
|}
<section end='IPsec VPN' />
<section end='Directory Connector' />




== Intrusion Prevention Reports ==
== Intrusion Prevention Reports ==  
<section begin='Intrusion Prevention' />
<section begin='Intrusion Prevention' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 447: Line 916:
|-
|-
| width="25%" | Intrusion Detection (logged)
| width="25%" | Intrusion Detection (logged)
| width="60%" | The amount of detected pintrusions over time.
| width="60%" | The amount of detected intrusions over time.
|-
|-
| width="25%" | Intrusion Detection (blocked)
| width="25%" | Intrusion Detection (blocked)
| width="60%" | The amount of blocked intrusions over time.
| width="60%" | The amount of blocked intrusions over time.
|-
| width="25%" | Top Rules (all)
| width="60%" | The number of intrusions detevted by rule.
|-
|-
| width="25%" | Top Rules (logged)
| width="25%" | Top Rules (logged)
| width="60%" | The number of intrusions detected grouped by rule.
| width="60%" | The number of intrusions logged by rule.
|-
|-
| width="25%" | Top Rules (blocked)
| width="25%" | Top Rules (blocked)
| width="60%" | The number of intrusions blocked by rule.
| width="60%" | The number of intrusions blocked by rule.
|-
| width="25%" | Top Signatures (all)
| width="60%" | The number of intrusions detected by signature.
|-
| width="25%" | Top Signatures (logged)
| width="60%" | The number of intrusions logged by signature.
|-
| width="25%" | Top Signatures (blocked)
| width="60%" | The number of intrusions blocked by signature.
|-
| width="25%" | Top Classtypes (all)
| width="60%" | The number of intrusions detected by classtype.
|-
|-
| width="25%" | Top Classtypes (logged)
| width="25%" | Top Classtypes (logged)
| width="60%" | The number of intrusions detected grouped by classtype.
| width="60%" | The number of intrusions logged by classtype.
|-
|-
| width="25%" | Top Classtypes (blocked)
| width="25%" | Top Classtypes (blocked)
| width="60%" | The number of intrusions blocked by classtype.
| width="60%" | The number of intrusions blocked by classtype.
|-
| width="25%" | Top Categories (all)
| width="60%" | The number of intrusions detected by category.
|-
|-
| width="25%" | Top Categories (logged)
| width="25%" | Top Categories (logged)
| width="60%" | The number of intrusions detected grouped by category.
| width="60%" | The number of intrusions logged by category.
|-
|-
| width="25%" | Top Categories (blocked)
| width="25%" | Top Categories (blocked)
| width="60%" | The number of intrusions blocked by category.
| width="60%" | The number of intrusions blocked by category.
|-
| width="25%" | Top Source IP Addresses (all)
| width="60%" | The number of intrusions detected by source IP address.
|-
|-
| width="25%" | Top Source IP Addresses (logged)
| width="25%" | Top Source IP Addresses (logged)
| width="60%" | The number of intrusions detected grouped by source IP address.
| width="60%" | The number of intrusions logged by source IP address.
|-
|-
| width="25%" | Top Source IP Addresses (blocked)
| width="25%" | Top Source IP Addresses (blocked)
| width="60%" | The number of intrusions blocked by source IP address.
| width="60%" | The number of intrusions blocked by source IP address.
|-
| width="25%" | Top Source Ports (all)
| width="60%" | The number of intrusions detected by source port.
|-
|-
| width="25%" | Top Source Ports (logged)
| width="25%" | Top Source Ports (logged)
| width="60%" | The number of intrusions detected grouped by source port.
| width="60%" | The number of intrusions logged by source port.
|-
|-
| width="25%" | Top Source Port (blocked)
| width="25%" | Top Source Ports (blocked)
| width="60%" | The number of intrusions blocked by source port.
| width="60%" | The number of intrusions blocked by source port.
|-
| width="25%" | Top Destination IP Addresses (all)
| width="60%" | The number of intrusions detected by destination IP address.
|-
|-
| width="25%" | Top Destination IP Addresses (logged)
| width="25%" | Top Destination IP Addresses (logged)
| width="60%" | The number of intrusions detected grouped by destination IP address.
| width="60%" | The number of intrusions logged by destination IP address.
|-
|-
| width="25%" | Top Destination IP Addresses (blocked)
| width="25%" | Top Destination IP Addresses (blocked)
| width="60%" | The number of intrusions blocked by destination IP address.
| width="60%" | The number of intrusions blocked by destination IP address.
|-
| width="25%" | Top Destination Ports (all)
| width="60%" | The number of intrusions detected by destination port.
|-
|-
| width="25%" | Top Destination Ports (logged)
| width="25%" | Top Destination Ports (logged)
| width="60%" | The number of intrusions detected grouped by destination port.
| width="60%" | The number of intrusions logged by destination port.
|-
|-
| width="25%" | Top Destination Port (blocked)
| width="25%" | Top Destination Ports (blocked)
| width="60%" | The number of intrusions blocked by destination port.
| width="60%" | The number of intrusions blocked by destination port.
|-
| width="25%" | Top Protocols (all)
| width="60%" | The number of intrusions detected by protocol.
|-
|-
| width="25%" | Top Protocols (logged)
| width="25%" | Top Protocols (logged)
| width="60%" | The number of intrusions detected grouped by protocol.
| width="60%" | The number of intrusions logged by protocol.
|-
|-
| width="25%" | Top Protocols (blocked)
| width="25%" | Top Protocols (blocked)
| width="60%" | The number of intrusions blocked by protocol.
| width="60%" | The number of intrusions blocked by protocol.
|-
|-
|}
| width="25%" | All Events
<section end='Intrusion Prevention' />
| width="60%" | All sessions scanned by Intrusion Prevention.
 
 
== Reports Reports ==
<section begin='Reports' />
{| border="1" cellpadding="2" width="85%%" align="center"
!Report Entry
!Description
|-
|-
| width="25%" | Alerts
| width="25%" | Logged Events
| width="60%" | Alerts over time.
| width="60%" | All sessions matching Intrusion Prevention signatures and logged.
|-
|-
| width="25%" | Top Alerts
| width="25%" | Blocked Events
| width="60%" | The top alerts.
| width="60%" | All sessions matching Intrusion Prevention signatures and blocked.
|-
|-
|}
|}
<section end='Reports' />
<section end='Intrusion Prevention' />




== Host Viewer Reports ==
== Devices Reports ==  
<section begin='Host Viewer' />
<section begin='Devices' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
|-
|-
| width="25%" | Host Table Size
| width="25%" | Devices Additions
| width="60%" | The amount of hosts add and removed from the host table over time.
| width="60%" | The amount of devices add and removed from the device table over time.
|-
|-
| width="25%" | Host Table Additions
| width="25%" | Devices Updates
| width="60%" | The amount of hosts add and removed from the host table over time.
| width="60%" | The number of updates to the device table over time.
|-
|-
| width="25%" | Host Table Updates
| width="25%" | Devices Events
| width="60%" | The number of updates to the host table over time.
| width="60%" | All updates to devices in the device table.
|-
|-
|}
|}
<section end='Host Viewer' />
<section end='Devices' />




== Bandwidth Control Reports ==
== Bandwidth Control Reports ==  
<section begin='Bandwidth Control' />
<section begin='Bandwidth Control' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 549: Line 1,044:
|-
|-
| width="25%" | Bandwidth Usage
| width="25%" | Bandwidth Usage
| width="60%" | The approximate averaged data transfer rate (total, sent, received) over time grouped by session creation time.
| width="60%" | The approximate averaged data transfer rate (total, sent, received) over time.
|-
| width="25%" | Top Hostnames Usage
| width="60%" | The bandwidth usage of the top hostnames.
|-
|-
| width="25%" | Top Hostnames (by total bytes)
| width="25%" | Top Hostnames (by total bytes)
Line 559: Line 1,057:
| width="25%" | Top Hostnames (by sent bytes)
| width="25%" | Top Hostnames (by sent bytes)
| width="60%" | The sum of the sent data grouped by hostname.
| width="60%" | The sum of the sent data grouped by hostname.
|-
| width="25%" | Top Clients Usage
| width="60%" | The bandwidth usage of the top clients.
|-
|-
| width="25%" | Top Clients (by total bytes)
| width="25%" | Top Clients (by total bytes)
| width="60%" | The sum of the data transferred grouped by client address.
| width="60%" | The sum of the data transferred grouped by client address.
|-
|-
| width="25%" | Top Clients (by received bytes)
| width="25%" | Top Usernames Usage
| width="60%" | The sum of the data received grouped by client address.
| width="60%" | The bandwidth usage of the top usernames.
|-
| width="25%" | Top Clients (by sent bytes)
| width="60%" | The sum of the data sent grouped by client address.
|-
|-
| width="25%" | Top Usernames (by total bytes)
| width="25%" | Top Usernames (by total bytes)
| width="60%" | The sum of the data transferred grouped by username.
| width="60%" | The sum of the data transferred grouped by username.
|-
|-
| width="25%" | Top Usernames (by received bytes)
| width="25%" | Top Server Port Usage
| width="60%" | The sum of the data transferred grouped by username.
| width="60%" | The bandwidth usage by top server port.
|-
| width="25%" | Top Usernames (by sent bytes)
| width="60%" | The sum of the data transferred grouped by username.
|-
|-
| width="25%" | Top Ports (by total bytes)
| width="25%" | Top Ports (by total bytes)
| width="60%" | The sum of the data transferred grouped by server port.
| width="60%" | The sum of the data transferred grouped by server port.
|-
|-
| width="25%" | Top Ports (by sent bytes)
| width="25%" | Top Ports (by received bytes)
| width="60%" | The sum of the data received grouped by server port.
| width="60%" | The sum of the data received grouped by server port.
|-
|-
| width="25%" | Top Ports (by sent bytes)
| width="25%" | Top Ports (by sent bytes)
| width="60%" | The sum of the data sent grouped by server port.
| width="60%" | The sum of the data sent grouped by server port.
|-
| width="25%" | Top Applications Usage
| width="60%" | The bandwidth usage of the top applications.
|-
|-
| width="25%" | Top Application (by total bytes)
| width="25%" | Top Application (by total bytes)
Line 595: Line 1,093:
| width="25%" | Top Application (by sent bytes)
| width="25%" | Top Application (by sent bytes)
| width="60%" | The sum of the data sent grouped by Application Control application.
| width="60%" | The sum of the data sent grouped by Application Control application.
|-
| width="25%" | Top Categories Usage
| width="60%" | The bandwidth usage of the top application categories.
|-
| width="25%" | Top Category (by total bytes)
| width="60%" | The sum of the data transferred grouped by Application Control category.
|-
| width="25%" | Top Priorities Usage
| width="60%" | The bandwidth usage by priority.
|-
|-
| width="25%" | Top Priorities (by total bytes)
| width="25%" | Top Priorities (by total bytes)
| width="60%" | The sum of the data transferred grouped by priority.
| width="60%" | The sum of the data transferred grouped by priority.
|-
| width="25%" | Top Countries Usage
| width="60%" | The bandwidth usage by top countries.
|-
| width="25%" | Top Countries (by total bytes)
| width="60%" | The sum of the data transferred grouped by country.
|-
|-
| width="25%" | Bypassed (by total bytes)
| width="25%" | Bypassed (by total bytes)
| width="60%" | The sum of the data transferred grouped by bypassed.
| width="60%" | The sum of the data transferred grouped by bypassed.
|-
| width="25%" | All Sessions
| width="60%" | All sessions processed by Bandwidth Control.
|-
| width="25%" | Quota Events
| width="60%" | Shows when quotas are assigned or expired.
|-
| width="25%" | Prioritized Sessions
| width="60%" | All sessions prioritized by Bandwidth Control.
|-
|-
|}
|}
Line 606: Line 1,128:




== Directory Connector Reports ==
== Hosts Reports ==  
<section begin='Directory Connector' />
<section begin='Hosts' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
|-
|-
| width="25%" | Directory Connector Summary
| width="25%" | Hosts Active
| width="60%" | A summary of Directory Connector actions.
| width="60%" | The amount of active hosts by time.
|-
| width="25%" | Hosts Additions
| width="60%" | The amount of hosts add and removed from the host table over time.
|-
| width="25%" | Hosts Updates
| width="60%" | The number of updates to the host table over time.
|-
| width="25%" | Hosts Events
| width="60%" | All updates to hosts in the host table.
|-
|-
| width="25%" | User Notification API Events
| width="25%" | Penalty Box Events
| width="60%" | The amount of login, update and logout user notification API events over time.
| width="60%" | Shows when hosts are tagged with penalty-box or have the tag removed.
|-
|-
|}
|}
<section end='Directory Connector' />
<section end='Hosts' />




== Web Filter Reports ==
== Web Filter Reports ==  
<section begin='Web Filter' />
<section begin='Web Filter' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 631: Line 1,162:
| width="60%" | A summary of web filter actions.
| width="60%" | A summary of web filter actions.
|-
|-
| width="25%" | Web Usage (all)
| width="25%" | Web Usage
| width="60%" | The amount of total, flagged, and blocked web requests over time.
| width="60%" | The amount of total, flagged, and blocked web requests over time.
|-
|-
Line 678: Line 1,209:
| width="25%" | Top Blocked Domains
| width="25%" | Top Blocked Domains
| width="60%" | The number of blocked web requests grouped by domain.
| width="60%" | The number of blocked web requests grouped by domain.
|-
| width="25%" | Top Domains Usage
| width="60%" | The amount of web requests per top domain.
|-
|-
| width="25%" | Top Hostnames (by requests)
| width="25%" | Top Hostnames (by requests)
Line 714: Line 1,248:
| width="25%" | Top Blocked Usernames
| width="25%" | Top Blocked Usernames
| width="60%" | The number of blocked web request grouped by username.
| width="60%" | The number of blocked web request grouped by username.
|-
| width="25%" | Top Content (by request)
| width="60%" | The number of web requests grouped by category.
|-
| width="25%" | Top Content (by size)
| width="60%" | The sum of the size of requested web content grouped by category.
|-
| width="25%" | Top Searches
| width="60%" | The number of non blocked, non-flagged search queries grouped by term.
|-
| width="25%" | Top Flagged Searches
| width="60%" | The number of flagged search queries grouped by term.
|-
| width="25%" | Top Blocked Searches
| width="60%" | The number of blocked search queries grouped by term.
|-
| width="25%" | All Web Events
| width="60%" | Shows all scanned web requests.
|-
| width="25%" | Flagged Web Events
| width="60%" | Shows all flagged web requests.
|-
| width="25%" | Blocked Web Events
| width="60%" | Shows all blocked web requests.
|-
| width="25%" | All HTTP Events
| width="60%" | Shows all scanned unencrypted HTTP requests.
|-
| width="25%" | All HTTPS Events
| width="60%" | Shows all encrypted HTTPS requests.
|-
| width="25%" | Unblocked Web Events
| width="60%" | Shows all unblocked web requests
|-
| width="25%" | All Search Events
| width="60%" | Shows all search queries processed by Web Filter.
|-
| width="25%" | Flagged Search Events
| width="60%" | Shows flagged search queries processed by Web Filter.
|-
| width="25%" | Blocked Search Events
| width="60%" | Shows blocked search queries processed by Web Filter.
|-
|-
|}
|}
Line 719: Line 1,295:




== Virus Blocker Reports ==
== Virus Blocker Reports ==  
<section begin='Virus Blocker' />
<section begin='Virus Blocker' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
|-
| width="25%" | Virus Blocker Web Summary
| width="60%" | A summary of virus blocking actions for web activity.
|-
|-
| width="25%" | Virus Blocker FTP Summary
| width="25%" | Virus Blocker FTP Summary
Line 730: Line 1,309:
| width="25%" | Virus Blocker Email Summary
| width="25%" | Virus Blocker Email Summary
| width="60%" | A summary of virus blocking actions for Email activity.
| width="60%" | A summary of virus blocking actions for Email activity.
|-
| width="25%" | Virus Blocker Web Summary
| width="60%" | A summary of virus blocking actions for web activity.
|-
|-
| width="25%" | Web Usage (all)
| width="25%" | Web Usage (all)
Line 744: Line 1,320:
|-
|-
| width="25%" | Web Top Blocked Viruses
| width="25%" | Web Top Blocked Viruses
| width="60%" | The number of blocked viruses by web activity.
| width="60%" | The top web virus blocked.
|-
|-
| width="25%" | Web Top Blocked Clients
| width="25%" | Web Top Blocked Clients
| width="60%" | The number of clients with blocked viruses by web activity.
| width="60%" | The top web clients by blocked virus count.
|-
|-
| width="25%" | Web Top Blocked Sites
| width="25%" | Web Top Blocked Sites
| width="60%" | The number of clients with blocked viruses by web activity.
| width="60%" | The top web sites by blocked virus count.
|-
| width="25%" | Web Top Scanned Sites
| width="60%" | The top web sites by scan count.
|-
|-
| width="25%" | FTP Usage (all)
| width="25%" | FTP Usage (all)
Line 787: Line 1,366:
| width="25%" | Email Top Blocked Sites
| width="25%" | Email Top Blocked Sites
| width="60%" | The number of clients with blocked viruses by Email activity.
| width="60%" | The number of clients with blocked viruses by Email activity.
|-
| width="25%" | Scanned Web Events
| width="60%" | All HTTP sessions scanned by Virus Blocker.
|-
| width="25%" | Infected Web Events
| width="60%" | Infected HTTP sessions blocked by Virus Blocker.
|-
| width="25%" | Clean Web Events
| width="60%" | Scanned HTTP sessions marked clean.
|-
| width="25%" | Scanned Email Events
| width="60%" | All email sessions scanned by Virus Blocker.
|-
| width="25%" | Infected Email Events
| width="60%" | Infected email sessions blocked by Virus Blocker.
|-
| width="25%" | Clean Email Events
| width="60%" | Scanned email sessions marked clean.
|-
| width="25%" | Scanned Ftp Events
| width="60%" | All FTP sessions scanned by Virus Blocker.
|-
| width="25%" | Infected Ftp Events
| width="60%" | Infected FTP sessions blocked by Virus Blocker.
|-
| width="25%" | Clean Ftp Events
| width="60%" | Scanned FTP sessions marked clean.
|-
|-
|}
|}
Line 792: Line 1,398:




== Virus Blocker Lite Reports ==
== Virus Blocker Lite Reports ==  
<section begin='Virus Blocker Lite' />
<section begin='Virus Blocker Lite' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
|-
| width="25%" | Virus Blocker Lite Web Summary
| width="60%" | A summary of virus blocking actions for web activity.
|-
|-
| width="25%" | Virus Blocker Lite FTP Summary
| width="25%" | Virus Blocker Lite FTP Summary
Line 803: Line 1,412:
| width="25%" | Virus Blocker Lite Email Summary
| width="25%" | Virus Blocker Lite Email Summary
| width="60%" | A summary of virus blocking actions for Email activity.
| width="60%" | A summary of virus blocking actions for Email activity.
|-
| width="25%" | Virus Blocker Lite Web Summary
| width="60%" | A summary of virus blocking actions for web activity.
|-
|-
| width="25%" | Web Usage (all)
| width="25%" | Web Usage (all)
Line 817: Line 1,423:
|-
|-
| width="25%" | Web Top Blocked Viruses
| width="25%" | Web Top Blocked Viruses
| width="60%" | The number of blocked viruses by web activity.
| width="60%" | The top web virus blocked.
|-
|-
| width="25%" | Web Top Blocked Clients
| width="25%" | Web Top Blocked Clients
| width="60%" | The number of clients with blocked viruses by web activity.
| width="60%" | The top web clients by blocked virus count.
|-
|-
| width="25%" | Web Top Blocked Sites
| width="25%" | Web Top Blocked Sites
| width="60%" | The number of clients with blocked viruses by web activity.
| width="60%" | The top web sites by blocked virus count.
|-
| width="25%" | Web Top Scanned Sites
| width="60%" | The top web sites by scan count.
|-
|-
| width="25%" | FTP Usage (all)
| width="25%" | FTP Usage (all)
Line 860: Line 1,469:
| width="25%" | Email Top Blocked Sites
| width="25%" | Email Top Blocked Sites
| width="60%" | The number of clients with blocked viruses by Email activity.
| width="60%" | The number of clients with blocked viruses by Email activity.
|-
| width="25%" | Scanned Web Events
| width="60%" | All HTTP sessions scanned by Virus Blocker Lite.
|-
| width="25%" | Infected Web Events
| width="60%" | Infected HTTP sessions blocked by Virus Blocker Lite.
|-
| width="25%" | Clean Web Events
| width="60%" | Scanned HTTP sessions marked clean.
|-
| width="25%" | Scanned Email Events
| width="60%" | All email sessions scanned by Virus Blocker Lite.
|-
| width="25%" | Infected Email Events
| width="60%" | Infected email sessions blocked by Virus Blocker Lite.
|-
| width="25%" | Clean Email Events
| width="60%" | Scanned email sessions marked clean.
|-
| width="25%" | Scanned Ftp Events
| width="60%" | All FTP sessions scanned by Virus Blocker Lite.
|-
| width="25%" | Infected Ftp Events
| width="60%" | Infected FTP sessions blocked by Virus Blocker Lite.
|-
| width="25%" | Clean Ftp Events
| width="60%" | Scanned FTP sessions marked clean.
|-
|-
|}
|}
Line 865: Line 1,501:




== Shield Reports ==
== Shield Reports ==  
<section begin='Shield' />
<section begin='Shield' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 876: Line 1,512:
| width="25%" | Blocked Sessions
| width="25%" | Blocked Sessions
| width="60%" | The amount of blocked sessions over time.
| width="60%" | The amount of blocked sessions over time.
|-
| width="25%" | Top Blocked Usernames
| width="60%" | The number of blocked sessions grouped by username.
|-
|-
| width="25%" | Top Blocked Clients
| width="25%" | Top Blocked Clients
| width="60%" | The number of blocked sessions grouped by client.
| width="60%" | The number of blocked sessions grouped by client.
|-
|-
| width="25%" | Top Blocked Usernames
| width="25%" | Top Blocked Ports
| width="60%" | The number of blocked sessions grouped by username.
| width="60%" | The number of blocked sessions grouped by server port.
|-
| width="25%" | Top Blocked Servers
| width="60%" | The number of blocked sessions grouped by server.
|-
|-
| width="25%" | Top Blocked Hostnames
| width="25%" | Top Blocked Hostnames
| width="60%" | The number of blocked sessions grouped by hostname.
| width="60%" | The number of blocked sessions grouped by hostname.
|-
| width="25%" | Scanned Session Events
| width="60%" | All sessions scanned by Shield.
|-
| width="25%" | Blocked Session Events
| width="60%" | All sessions blocked by Shield.
|-
|-
|}
|}
Line 890: Line 1,538:




== Firewall Reports ==
== Firewall Reports ==  
<section begin='Firewall' />
<section begin='Firewall' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 918: Line 1,566:
|-
|-
| width="25%" | Top Blocked Clients
| width="25%" | Top Blocked Clients
| width="60%" | The number of flagged session grouped by client.
| width="60%" | The number of blocked session grouped by client.
|-
|-
| width="25%" | Top Scanned Usernames
| width="25%" | Top Scanned Usernames
Line 927: Line 1,575:
|-
|-
| width="25%" | Top Blocked Usernames
| width="25%" | Top Blocked Usernames
| width="60%" | The number of flagged session grouped by username.
| width="60%" | The number of blocked session grouped by username.
|-
|-
| width="25%" | Top Scanned Server Ports
| width="25%" | Top Scanned Server Ports
Line 936: Line 1,584:
|-
|-
| width="25%" | Top Blocked Server Ports
| width="25%" | Top Blocked Server Ports
| width="60%" | The number of flagged session grouped by server (destination) port.
| width="60%" | The number of blocked session grouped by server (destination) port.
|-
|}
<section end='Firewall' />
 
 
== Web Filter Lite Reports ==
<section begin='Web Filter Lite' />
{| border="1" cellpadding="2" width="85%%" align="center"
!Report Entry
!Description
|-
|-
| width="25%" | Web Filter Lite Summary
| width="25%" | All Events
| width="60%" | A summary of web filter lite actions.
| width="60%" | All events scanned by Firewall App.
|-
|-
| width="25%" | Web Usage (all)
| width="25%" | Flagged Events
| width="60%" | The amount of total, flagged, and blocked web requests over time.
| width="60%" | Events flagged by Firewall App.
|-
|-
| width="25%" | Web Usage (scanned)
| width="25%" | Blocked Events
| width="60%" | The amount of total, flagged, and blocked web requests over time.
| width="60%" | Events blocked by Firewall App.
|-
| width="25%" | Web Usage (flagged)
| width="60%" | The amount of flagged, and blocked web requests over time.
|-
| width="25%" | Web Usage (blocked)
| width="60%" | The amount of flagged, and blocked web requests over time.
|-
| width="25%" | Top Categories (by request)
| width="60%" | The number of web requests grouped by category.
|-
| width="25%" | Top Categories (by size)
| width="60%" | The sum of the size of requested web content grouped by category.
|-
| width="25%" | Top Flagged Categories
| width="60%" | The number of flagged web requests grouped by category.
|-
| width="25%" | Top Blocked Categories
| width="60%" | The number of blocked web requests grouped by category.
|-
| width="25%" | Top Sites (by request)
| width="60%" | The number of web requests grouped by website.
|-
| width="25%" | Top Sites (by size)
| width="60%" | The sum of the size of requested web content grouped by website.
|-
| width="25%" | Top Flagged Sites
| width="60%" | The number of flagged web requests grouped by website.
|-
| width="25%" | Top Blocked Sites
| width="60%" | The number of blocked web requests grouped by website.
|-
| width="25%" | Top Domains (by request)
| width="60%" | The number of web requests grouped by domain.
|-
| width="25%" | Top Domains (by size)
| width="60%" | The sum of the size of requested web content grouped by domain.
|-
| width="25%" | Top Flagged Domains
| width="60%" | The number of flagged web requests grouped by domain.
|-
| width="25%" | Top Blocked Domains
| width="60%" | The number of blocked web requests grouped by domain.
|-
| width="25%" | Top Hostnames (by requests)
| width="60%" | The number of web requests grouped by hostname.
|-
| width="25%" | Top Hostnames (by size)
| width="60%" | The sum of the size of requested web content grouped by hostname.
|-
| width="25%" | Top Flagged Hostnames
| width="60%" | The number of flagged web request grouped by hostname.
|-
| width="25%" | Top Blocked Hostnames
| width="60%" | The number of blocked web request grouped by hostname.
|-
| width="25%" | Top Clients (by requests)
| width="60%" | The number of web requests grouped by client.
|-
| width="25%" | Top Clients (by size)
| width="60%" | The sum of the size of requested web content grouped by client.
|-
| width="25%" | Top Flagged Clients
| width="60%" | The number of flagged web request grouped by client.
|-
| width="25%" | Top Blocked Clients
| width="60%" | The number of blocked web request grouped by client.
|-
| width="25%" | Top Usernames (by requests)
| width="60%" | The number of web requests grouped by username.
|-
| width="25%" | Top Usernames (by size)
| width="60%" | The sum of the size of requested web content grouped by username.
|-
| width="25%" | Top Flagged Usernames
| width="60%" | The number of flagged web request grouped by username.
|-
| width="25%" | Top Blocked Usernames
| width="60%" | The number of blocked web request grouped by username.
|-
|-
|}
|}
<section end='Web Filter Lite' />
<section end='Firewall' />




== OpenVPN Reports ==
== OpenVPN Reports ==  
<section begin='OpenVPN' />
<section begin='OpenVPN' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 1,059: Line 1,619:
| width="25%" | Top Clients (by usage)
| width="25%" | Top Clients (by usage)
| width="60%" | The number of bytes transferred grouped by remote client.
| width="60%" | The number of bytes transferred grouped by remote client.
|-
| width="25%" | Connection Events
| width="60%" | OpenVPN client connection events.
|-
| width="25%" | Statistic Events
| width="60%" | Shows all OpenVPN connection traffic statistics events.
|-
|-
|}
|}
Line 1,064: Line 1,630:




== WAN Failover Reports ==
== WAN Failover Reports ==  
<section begin='WAN Failover' />
<section begin='WAN Failover' />
{| border="1" cellpadding="2" width="85%%" align="center"
{| border="1" cellpadding="2" width="85%%" align="center"  
!Report Entry
!Report Entry
!Description
!Description
Line 1,075: Line 1,641:
| width="25%" | WAN Disconnect Events
| width="25%" | WAN Disconnect Events
| width="60%" | The number of disconnect events grouped by WAN.
| width="60%" | The number of disconnect events grouped by WAN.
|-
| width="25%" | WAN Interface Outages
| width="60%" | The fails tests of each interface over time.
|-
| width="25%" | Outage Events
| width="60%" | Events where the failure threshold was exceeded and the WAN was considered offline.
|-
| width="25%" | Test Events
| width="60%" | All test events and their outcome.
|-
| width="25%" | Failed Test Events
| width="60%" | All tests that resulted in failure.
|-
| width="25%" | Success Test Events
| width="60%" | All tests that resulted in success.
|-
|-
|}
|}
<section end='WAN Failover' />
<section end='WAN Failover' />
== WireGuard VPN Reports ==
<section begin='WireGuard VPN' />
{| border="1" cellpadding="2" width="85%%" align="center"
!Report Entry
!Description
|-
| width="25%" | WireGuard VPN Summary
| width="60%" | A summary of WireGuard VPN traffic.
|-
| width="25%" | WireGuard VPN Bandwidth Usage
| width="60%" | The amount of traffic processed by the WireGuard service.
|-
| width="25%" | WireGuard VPN Events
| width="60%" | Time chart of WireGuard VPN connection events.
|-
| width="25%" | Top Remove Clients (by usage)
| width="60%" | The top WireGuard VPN peers by traffic usage.
|-
| width="25%" | Connection Events
| width="60%" | Shows all WireGuard VPN tunnel monitoring events.
|-
| width="25%" | Tunnel Traffic Events
| width="60%" | Shows all WireGuard tunnel traffic statistics events.
|-
|}
<section end='WireGuard VPN' />

Latest revision as of 16:39, 19 September 2022

Captive Portal Reports

<section begin='Captive Portal' />

Report Entry Description
Captive Portal Summary A summary of Captive Portal actions.
Activity Summary A summary of Captive Portal activity.
Top Active Users The top active users that logged in to Captive Portal.
Top Blocked Clients The top clients that were blocked by Captive Portal because they were not logged in.
All Session Events All sessions processed by Captive Portal.
Passed Session Events Sessions matching passed hosts.
Captured Session Events Sessions matching capture rules.
All User Events All user sessions processed by Captive Portal.
Login Success User Events Successful logins to Captive Portal.
Login Failure User Events Failed logins to Captive Portal.
Session Timeout User Events Sessions that reached the session timeout.
Idle Timeout User Events Sessions that reached the idle timeout.
User Logout User Events All user logout events.
Admin Logout User Events Sessions logged off by the admin.

<section end='Captive Portal' />


Configuration Backup Reports

<section begin='Configuration Backup' />

Report Entry Description
Configuration Backup Summary A summary of configuration backup actions.
Backup Usage (all) The amount of successes, and failures of configuration backup over time.
Backup Usage (success) The amount of successful configuration backups over time.
Backup Usage (failed) The amount of failed configuration backups over time.
Backup Events All Configuration Backup events.

<section end='Configuration Backup' />


Network Reports

<section begin='Network' />

Report Entry Description
Network Summary A summary of network traffic.
Data Usage (by interface) The total data usage by interface.
Data Usage per Day (by interface) The data usage of each interface by day
Data Rx-Usage (by interface) The total received data usage by interface.
Data Tx-Usage (by interface) The total received data usage by interface.
Sessions The amount of total, scanned, and bypassed sessions over time.
Sessions Per Minute The amount of total, scanned, and bypassed sessions created per minute.
Sessions Per Hour The amount of total, scanned, and bypassed sessions created per hour.
Bandwidth Usage The approximate averaged data transfer rate (total, sent, received) over time.
Top Client Addresses The number of sessions grouped by client (source) address.
Top Server Addresses The number of sessions grouped by server (destination) address.
Top Server Ports The number of sessions grouped by server (destination) port.
Top IP Protocols The number of sessions grouped by IP protocol number.
Top Server Countries The number of sessions grouped by server (destination) country.
Interface Usage The RX rate of each interface over time.
All Sessions All sessions handled by Untangle.
Scanned Sessions All sessions that were not bypassed.
Bypassed Sessions All sessions matching a bypass rule and bypassed.
Blocked Sessions All sessions blocked by filter rules.
Port Forwarded Sessions All sessions match a port forward rule.
NATd Sessions All sessions that have been NATd by Untangle.
All Session Minutes All sessions by minute.

<section end='Network' />


Administration Reports

<section begin='Administration' />

Report Entry Description
Admin Logins The number of total, successful, and failed admin logins over time.
Settings Changes The number of settings changes over time.
Admin Login Events All local administrator logins.
All Settings Changes All settings changes performed by an administrator.

<section end='Administration' />


System Reports

<section begin='System' />

Report Entry Description
CPU Load The CPU load over time.
Disk Usage The disk utilization over time.
Memory Usage The amount of free memory over time.
Swap Usage The swap utilization over time as a percent of total swap size .
Swap Usage Bytes The swap utilization over time.
Highest Active Hosts The highest number of active hosts.
Server Status Events All system status events.

<section end='System' />


Application Control Lite Reports

<section begin='Application Control Lite' />

Report Entry Description
Application Control Lite Summary A summary of Application Control Lite actions.
Detection Statistics The number of logged and blocked sessions over time.
Top Blocked Protocols The top blocked sessions by protocol.
Top Logged Protocols The top logged sessions by protocol.
Top Blocked Hosts The top blocked sessions by host.
Top Logged Hosts The top logged sessions by host.
Top Blocked Users The top blocked sessions by user.
Top Logged Users The top logged sessions by user.
All Events All sessions scanned by Application Control Lite.
Blocked Events All sessions matching an application signature and blocked.

<section end='Application Control Lite' />


Spam Blocker Lite Reports

<section begin='Spam Blocker Lite' />

Report Entry Description
Spam Blocker Lite Summary A summary of spam blocking actions for email activity.
Email Usage (all) The amount of scanned, clean, and spam email over time.
Email Usage (scanned) The amount of scanned email over time.
Email Usage (clean) The amount of clean email over time.
Email Usage (spam) The amount of spam email over time.
Spam Ratio The ratio of spam (true) to ham (false)
Top Spam Recipients The number of email addresses with spam.
Top Spam Sender Addresses The number of IP addresses sending spam.
All Email Events All emails scanned by Spam Blocker.
All Spam Events All emails marked as Spam.
Quarantined Events All emails marked as Spam and quarantined.
Tarpit Events All email sessions that were tarpitted.

<section end='Spam Blocker Lite' />


Phish Blocker Reports

<section begin='Phish Blocker' />

Report Entry Description
Phish Blocker Summary A summary of phish blocking actions for email activity.
Email Usage (all) The amount of scanned, clean, and phish email over time.
Email Usage (scanned) The amount of scanned email over time.
Email Usage (clean) The amount of clean email over time.
Email Usage (phish) The amount of phish email over time.
Phish Ratio The ratio of phish (true) to ham (false)
Top Phish Recipients The number of email addresses with phish.
Top Phish Sender Addresses The number of IP addresses sending phish.
All Email Events All email sessions scanned by Phish Blocker.
All Phish Events All email sessions detected as phishing attempts.
Quarantined Events All email sessions detected as phishing attempts and quarantined.

<section end='Phish Blocker' />


Tunnel VPN Reports

<section begin='Tunnel VPN' />

Report Entry Description
Tunnel VPN Summary A summary of Tunnel VPN traffic.
Hourly Tunnel Traffic The amount of Tunnel VPN traffic over time.
Top Tunnel Traffic The amount of traffic for each Tunnel VPN tunnel.
Connection Events Shows all Tunnel VPN connection events.
Tunnel Stat Events Shows all Tunnel VPN traffic statistics events.

<section end='Tunnel VPN' />


Events Reports

<section begin='Events' />

Report Entry Description
Alerts Alerts over time.
Top Alerts The top alerts.
Alert Events Log of all alerts created by alert rules.

<section end='Events' />


Users Reports

<section begin='Users' />

Report Entry Description
Users Events All updates to users in the user table.

<section end='Users' />


Policy Manager Reports

<section begin='Policy Manager' />

Report Entry Description
Policy Manager Summary A summary of Policy Manager actions.
Top Policy Usage The amount of bandwidth per policy.
Sessions By Policy The number of sessions for each policy.
Traffic By Policy The amount of traffic for each policy.
All Events Lists all sessions with the Policy Manager policy that handled the session.

<section end='Policy Manager' />

Threat Prevention Reports

<section begin='Threat Prevention' />

Report Entry Description
Web Traffic Summary A summary of web Threat Prevention actions.
Non-Web Traffic Summary A summary of non-web Threat Prevention actions.
Web Top Scanned Threats The number of web scanned sessions to servers grouped by threat reputation.
Web Top Blocked Threats The number of web blocked sessions to servers grouped by threats reputation.
Web Top Scanned Categories The number of other scanned sessions to servers grouped by threat.
Web Top Blocked Categories The number of web sessions blocked grouped by threat.
Web Top Blocked Countries Top blocked web sessions to servers grouped by country.
Web Top Scanned Hosts The number of web scanned sessions grouped by server.
Web Top Blocked Hosts The number of web blocked session grouped by client.
Non-Web Top Scanned Threats (by client) The number of non-web scanned sessions from clients grouped by threat reputation.
Non-Web Top Blocked Threats (by client) The number of non-web blocked sessions from clients grouped by threat reputation.
Non-Web Top Scanned Threats (by server) The number of non-web scanned sessions to servers grouped by threat reputation.
Non-Web Top Blocked Threats (by server) The number of non-web blocked sessions to servers grouped by threat reputation.
Non-Web Top Scanned Categories (by client) The number of non-web scanned sessions from clients grouped by threat.
Non-Web Top Blocked Categories (by client) The number of non-web blocked sessions from clients grouped by threat.
Non-Web Top Scanned Categories (by server) The number of non-web scanned sessions to servers grouped by threat.
Non-Web Top Blocked Categories (by server) The number of non-web blocked sessions to servers grouped by threat.
Non-Web Top Blocked Countries (by client) Top non-web blocked sessions from clients grouped by country.
Non-Web Top Blocked Countries (by server) Top non-web blocked sessions to servers grouped by threat.
Non-Web Top Scanned Clients The number of non-web scanned session grouped by client.
Non-Web Top Blocked Clients The number of non-web blocked session grouped by client.
Non-Web Top Scanned Servers The number of non-web scanned sessions grouped by server.
Non-Web Top Blocked Server The number of non-web blocked session grouped by client.
All Web Events Shows all scanned web requests.
Blocked Web Events Shows all blocked web requests.
Non-Web All Events All non-web events scanned by Threat Prevention.
Non-Web Blocked Events Non-web events blocked by Threat Prevention.

<section end='Threat Prevention' />


Ad Blocker Reports

<section begin='Ad Blocker' />

Report Entry Description
Ad Blocker Summary A summary of ad blocker actions.
Ads Blocked The amount of detected and blocked ads over time.
Top Blocked Ad Sites The number of blocked ads grouped by website.
All Ad Events All HTTP requests scanned by Ad Blocker.
Blocked Ad Events HTTP requests blocked by Ad Blocker.
Blocked Cookie Events Requests blocked by cookie filters.

<section end='Ad Blocker' />


WAN Balancer Reports

<section begin='WAN Balancer' />

Report Entry Description
WAN Balancer Summary A summary of WAN Balancer actions.
Sessions By Interface The number of sessions destined to each interface.
Bytes By Interface The number of bytes destined to each interface.

<section end='WAN Balancer' />


Spam Blocker Reports

<section begin='Spam Blocker' />

Report Entry Description
Spam Blocker Summary A summary of spam blocking actions for email activity.
Email Usage (all) The amount of scanned, clean, and spam email over time.
Email Usage (scanned) The amount of scanned email over time.
Email Usage (clean) The amount of clean email over time.
Email Usage (spam) The amount of spam email over time.
Spam Ratio The ratio of spam (true) to ham (false)
Top Spam Recipients The number of email addresses with spam.
Top Spam Sender Addresses The number of IP addresses sending spam.
All Email Events All emails scanned by Spam Blocker.
All Spam Events All emails marked as Spam.
Quarantined Events All emails marked as Spam and quarantined.
Tarpit Events All email sessions that were tarpitted.

<section end='Spam Blocker' />


IPsec VPN Reports

<section begin='IPsec VPN' />

Report Entry Description
IPsec VPN Summary A summary of IPsec VPN actions.
Hourly Tunnel Traffic The amount of IPsec tunnel traffic over time.
Top Tunnel Traffic The amount of traffic for each IPsec tunnel.
Top Active Users The top IPsec VPN users by number of sessions.
Top Download Users The top IPsec users grouped by amount of data downloaded.
Top Upload Users The top IPsec users grouped by amount of data uploaded.
Top Protocols The top IPsec VPN connections by protocol.
L2TP/Xauth Events Shows all user L2TP/Xauth events.
Tunnel Connection Events Shows all IPsec VPN tunnel connection events.
Tunnel Traffic Events Shows all IPsec tunnel traffic statistics events.

<section end='IPsec VPN' />


SSL Inspector Reports

<section begin='SSL Inspector' />

Report Entry Description
SSL Inspector Summary A summary of SSL Inspector actions.
Sessions Scanned The amount of SSL sessions over time.
Sessions Inspected The amount of inspected SSL sessions over time.
Top Inspected Sites The number of inspected sessions grouped by site.
Top Ignored Sites The number of ignored sessions grouped by site.
All Sessions All sessions detected by SSL Inspector.
Inspected Sessions Events where traffic was fully processed by the inspector, and all traffic was passed through all the other applications and services.
Ignored Sessions Events where traffic was not or could not be inspected, so the traffic was completely ignored and not analyzed by any applications or services.
Blocked Sessions Events where traffic was blocked because it did not contain a valid SSL request, and the Block Invalid Traffic option was enabled.
Untrusted Sessions Events where traffic was blocked because the server certificate could not be authenticated.
Abandoned Sessions Events where traffic was blocked due to an underlying problems with the SSL session.

<section end='SSL Inspector' />


Application Control Reports

<section begin='Application Control' />

Report Entry Description
Application Control Summary A summary of Application Control actions.
Top Applications Usage The amount of bandwidth per top application.
Scanned Sessions (all) The amount of scanned, flagged, and blocked sessions over time.
Scanned Sessions (flagged) The amount of flagged, and blocked sessions over time.
Scanned Sessions (blocked) The amount of flagged, and blocked sessions over time.
Top Categories (by sessions) The number of sessions grouped by category.
Top Applications (by sessions) The number of sessions grouped by application.
Top Applications (by size) The number of bytes grouped by application.
Top Flagged Applications The number of flagged sessions grouped by application.
Top Blocked Applications The number of blocked sessions grouped by application.
Top Flagged Hostnames The number of flagged sessions grouped by hostname.
Top Blocked Hostnames The number of blocked sessions grouped by hostname.
Top Flagged Clients The number of flagged sessions grouped by client.
Top Blocked Clients The number of blocked sessions grouped by client.
Top Flagged Usernames The number of flagged sessions grouped by username.
Top Blocked Usernames The number of blocked sessions grouped by username.
Classified Sessions All sessions matching an application control signature.
Flagged Sessions All sessions matching an application control signature and flagged.
Blocked Sessions All sessions matching an application control signature and blocked.
All Sessions All sessions scanned by Application Control.

<section end='Application Control' />


Web Monitor Reports

<section begin='Web Monitor' />

Report Entry Description
Web Monitor Summary A summary of web monitor actions.
Web Usage The amount of total and flagged web requests over time.
Web Usage (scanned) The amount of total web requests over time.
Web Usage (flagged) The amount of flagged web requests over time.
Top Categories (by request) The number of web requests grouped by category.
Top Categories (by size) The sum of the size of requested web content grouped by category.
Top Flagged Categories The number of flagged web requests grouped by category.
Top Sites (by request) The number of web requests grouped by website.
Top Sites (by size) The sum of the size of requested web content grouped by website.
Top Flagged Sites The number of flagged web requests grouped by website.
Top Domains (by request) The number of web requests grouped by domain.
Top Domains (by size) The sum of the size of requested web content grouped by domain.
Top Flagged Domains The number of flagged web requests grouped by domain.
Top Domains Usage The amount of web requests per top domain.
Top Hostnames (by requests) The number of web requests grouped by hostname.
Top Hostnames (by size) The sum of the size of requested web content grouped by hostname.
Top Flagged Hostnames The number of flagged web request grouped by hostname.
Top Clients (by requests) The number of web requests grouped by client.
Top Clients (by size) The sum of the size of requested web content grouped by client.
Top Flagged Clients The number of flagged web request grouped by client.
Top Usernames (by requests) The number of web requests grouped by username.
Top Usernames (by size) The sum of the size of requested web content grouped by username.
Top Flagged Usernames The number of flagged web request grouped by username.
Top Content (by request) The number of web requests grouped by category.
Top Content (by size) The sum of the size of requested web content grouped by category.
Top Searches The number of non blocked, non-flagged search queries grouped by term.
Top Flagged Searches The number of flagged search queries grouped by term.
All Web Events Shows all scanned web requests.
Flagged Web Events Shows all flagged web requests.
All HTTP Events Shows all scanned unencrypted HTTP requests.
All HTTPS Events Shows all encrypted HTTPS requests.
All Search Events Shows all search queries processed by Web Monitor.
Flagged Search Events Shows flagged search queries processed by Web Monitor.

<section end='Web Monitor' />


Web Cache Reports

<section begin='Web Cache' />

Report Entry Description
Web Cache Summary A summary of Web Cache actions.
Cache Hit-Miss Statistics The number of cache hits, misses, and sessions bypassed over time.
Cache Size Statistics The amount of cached and uncached web data over time.
Web Cache Events All HTTP events processed by Web Cache.

<section end='Web Cache' />


Directory Connector Reports

<section begin='Directory Connector' />

Report Entry Description
Directory Connector Summary A summary of Directory Connector actions.
API Usage The amount of login, update and logout user notification API events over time.
API Events Events from the user notification API.

<section end='Directory Connector' />


Intrusion Prevention Reports

<section begin='Intrusion Prevention' />

Report Entry Description
Intrusion Prevention Summary A summary of intrusion detection and prevention actions.
Intrusion Detection (all) The amount of detected and blocked intrusions over time.
Intrusion Detection (logged) The amount of detected intrusions over time.
Intrusion Detection (blocked) The amount of blocked intrusions over time.
Top Rules (all) The number of intrusions detevted by rule.
Top Rules (logged) The number of intrusions logged by rule.
Top Rules (blocked) The number of intrusions blocked by rule.
Top Signatures (all) The number of intrusions detected by signature.
Top Signatures (logged) The number of intrusions logged by signature.
Top Signatures (blocked) The number of intrusions blocked by signature.
Top Classtypes (all) The number of intrusions detected by classtype.
Top Classtypes (logged) The number of intrusions logged by classtype.
Top Classtypes (blocked) The number of intrusions blocked by classtype.
Top Categories (all) The number of intrusions detected by category.
Top Categories (logged) The number of intrusions logged by category.
Top Categories (blocked) The number of intrusions blocked by category.
Top Source IP Addresses (all) The number of intrusions detected by source IP address.
Top Source IP Addresses (logged) The number of intrusions logged by source IP address.
Top Source IP Addresses (blocked) The number of intrusions blocked by source IP address.
Top Source Ports (all) The number of intrusions detected by source port.
Top Source Ports (logged) The number of intrusions logged by source port.
Top Source Ports (blocked) The number of intrusions blocked by source port.
Top Destination IP Addresses (all) The number of intrusions detected by destination IP address.
Top Destination IP Addresses (logged) The number of intrusions logged by destination IP address.
Top Destination IP Addresses (blocked) The number of intrusions blocked by destination IP address.
Top Destination Ports (all) The number of intrusions detected by destination port.
Top Destination Ports (logged) The number of intrusions logged by destination port.
Top Destination Ports (blocked) The number of intrusions blocked by destination port.
Top Protocols (all) The number of intrusions detected by protocol.
Top Protocols (logged) The number of intrusions logged by protocol.
Top Protocols (blocked) The number of intrusions blocked by protocol.
All Events All sessions scanned by Intrusion Prevention.
Logged Events All sessions matching Intrusion Prevention signatures and logged.
Blocked Events All sessions matching Intrusion Prevention signatures and blocked.

<section end='Intrusion Prevention' />


Devices Reports

<section begin='Devices' />

Report Entry Description
Devices Additions The amount of devices add and removed from the device table over time.
Devices Updates The number of updates to the device table over time.
Devices Events All updates to devices in the device table.

<section end='Devices' />


Bandwidth Control Reports

<section begin='Bandwidth Control' />

Report Entry Description
Bandwidth Control Summary A summary of Bandwidth Control actions.
Bandwidth Usage The approximate averaged data transfer rate (total, sent, received) over time.
Top Hostnames Usage The bandwidth usage of the top hostnames.
Top Hostnames (by total bytes) The sum of the data transferred grouped by hostname.
Top Hostnames (by received bytes) The sum of the received data grouped by hostname.
Top Hostnames (by sent bytes) The sum of the sent data grouped by hostname.
Top Clients Usage The bandwidth usage of the top clients.
Top Clients (by total bytes) The sum of the data transferred grouped by client address.
Top Usernames Usage The bandwidth usage of the top usernames.
Top Usernames (by total bytes) The sum of the data transferred grouped by username.
Top Server Port Usage The bandwidth usage by top server port.
Top Ports (by total bytes) The sum of the data transferred grouped by server port.
Top Ports (by received bytes) The sum of the data received grouped by server port.
Top Ports (by sent bytes) The sum of the data sent grouped by server port.
Top Applications Usage The bandwidth usage of the top applications.
Top Application (by total bytes) The sum of the data transferred grouped by Application Control application.
Top Application (by received bytes) The sum of the data sent grouped by Application Control application.
Top Application (by sent bytes) The sum of the data sent grouped by Application Control application.
Top Categories Usage The bandwidth usage of the top application categories.
Top Category (by total bytes) The sum of the data transferred grouped by Application Control category.
Top Priorities Usage The bandwidth usage by priority.
Top Priorities (by total bytes) The sum of the data transferred grouped by priority.
Top Countries Usage The bandwidth usage by top countries.
Top Countries (by total bytes) The sum of the data transferred grouped by country.
Bypassed (by total bytes) The sum of the data transferred grouped by bypassed.
All Sessions All sessions processed by Bandwidth Control.
Quota Events Shows when quotas are assigned or expired.
Prioritized Sessions All sessions prioritized by Bandwidth Control.

<section end='Bandwidth Control' />


Hosts Reports

<section begin='Hosts' />

Report Entry Description
Hosts Active The amount of active hosts by time.
Hosts Additions The amount of hosts add and removed from the host table over time.
Hosts Updates The number of updates to the host table over time.
Hosts Events All updates to hosts in the host table.
Penalty Box Events Shows when hosts are tagged with penalty-box or have the tag removed.

<section end='Hosts' />


Web Filter Reports

<section begin='Web Filter' />

Report Entry Description
Web Filter Summary A summary of web filter actions.
Web Usage The amount of total, flagged, and blocked web requests over time.
Web Usage (scanned) The amount of total, flagged, and blocked web requests over time.
Web Usage (flagged) The amount of flagged, and blocked web requests over time.
Web Usage (blocked) The amount of flagged, and blocked web requests over time.
Top Categories (by request) The number of web requests grouped by category.
Top Categories (by size) The sum of the size of requested web content grouped by category.
Top Flagged Categories The number of flagged web requests grouped by category.
Top Blocked Categories The number of blocked web requests grouped by category.
Top Sites (by request) The number of web requests grouped by website.
Top Sites (by size) The sum of the size of requested web content grouped by website.
Top Flagged Sites The number of flagged web requests grouped by website.
Top Blocked Sites The number of blocked web requests grouped by website.
Top Domains (by request) The number of web requests grouped by domain.
Top Domains (by size) The sum of the size of requested web content grouped by domain.
Top Flagged Domains The number of flagged web requests grouped by domain.
Top Blocked Domains The number of blocked web requests grouped by domain.
Top Domains Usage The amount of web requests per top domain.
Top Hostnames (by requests) The number of web requests grouped by hostname.
Top Hostnames (by size) The sum of the size of requested web content grouped by hostname.
Top Flagged Hostnames The number of flagged web request grouped by hostname.
Top Blocked Hostnames The number of blocked web request grouped by hostname.
Top Clients (by requests) The number of web requests grouped by client.
Top Clients (by size) The sum of the size of requested web content grouped by client.
Top Flagged Clients The number of flagged web request grouped by client.
Top Blocked Clients The number of blocked web request grouped by client.
Top Usernames (by requests) The number of web requests grouped by username.
Top Usernames (by size) The sum of the size of requested web content grouped by username.
Top Flagged Usernames The number of flagged web request grouped by username.
Top Blocked Usernames The number of blocked web request grouped by username.
Top Content (by request) The number of web requests grouped by category.
Top Content (by size) The sum of the size of requested web content grouped by category.
Top Searches The number of non blocked, non-flagged search queries grouped by term.
Top Flagged Searches The number of flagged search queries grouped by term.
Top Blocked Searches The number of blocked search queries grouped by term.
All Web Events Shows all scanned web requests.
Flagged Web Events Shows all flagged web requests.
Blocked Web Events Shows all blocked web requests.
All HTTP Events Shows all scanned unencrypted HTTP requests.
All HTTPS Events Shows all encrypted HTTPS requests.
Unblocked Web Events Shows all unblocked web requests
All Search Events Shows all search queries processed by Web Filter.
Flagged Search Events Shows flagged search queries processed by Web Filter.
Blocked Search Events Shows blocked search queries processed by Web Filter.

<section end='Web Filter' />


Virus Blocker Reports

<section begin='Virus Blocker' />

Report Entry Description
Virus Blocker Web Summary A summary of virus blocking actions for web activity.
Virus Blocker FTP Summary A summary of virus blocking actions for FTP activity.
Virus Blocker Email Summary A summary of virus blocking actions for Email activity.
Web Usage (all) The amount of scanned and blocked web requests over time.
Web Usage (scanned) The amount of scanned web requests over time.
Web Usage (blocked) The amount of blocked web requests over time.
Web Top Blocked Viruses The top web virus blocked.
Web Top Blocked Clients The top web clients by blocked virus count.
Web Top Blocked Sites The top web sites by blocked virus count.
Web Top Scanned Sites The top web sites by scan count.
FTP Usage (all) The amount of scanned and blocked FTP requests over time.
FTP Usage (scanned) The amount of scanned FTP requests over time.
FTP Usage (blocked) The amount of blocked FTP requests over time.
FTP Top Blocked Viruses The number of blocked viruses by FTP activity.
FTP Top Blocked Clients The number of clients with blocked viruses by FTP activity.
FTP Top Blocked Sites The number of clients with blocked viruses by FTP activity.
Email Usage (all) The amount of scanned and blocked email over time.
Email Usage (scanned) The amount of scanned email over time.
Email Usage (blocked) The amount of blocked email over time.
Email Top Blocked Viruses The number of blocked viruses by Email activity.
Email Top Blocked Clients The number of clients with blocked viruses by Email activity.
Email Top Blocked Sites The number of clients with blocked viruses by Email activity.
Scanned Web Events All HTTP sessions scanned by Virus Blocker.
Infected Web Events Infected HTTP sessions blocked by Virus Blocker.
Clean Web Events Scanned HTTP sessions marked clean.
Scanned Email Events All email sessions scanned by Virus Blocker.
Infected Email Events Infected email sessions blocked by Virus Blocker.
Clean Email Events Scanned email sessions marked clean.
Scanned Ftp Events All FTP sessions scanned by Virus Blocker.
Infected Ftp Events Infected FTP sessions blocked by Virus Blocker.
Clean Ftp Events Scanned FTP sessions marked clean.

<section end='Virus Blocker' />


Virus Blocker Lite Reports

<section begin='Virus Blocker Lite' />

Report Entry Description
Virus Blocker Lite Web Summary A summary of virus blocking actions for web activity.
Virus Blocker Lite FTP Summary A summary of virus blocking actions for FTP activity.
Virus Blocker Lite Email Summary A summary of virus blocking actions for Email activity.
Web Usage (all) The amount of scanned and blocked web requests over time.
Web Usage (scanned) The amount of scanned web requests over time.
Web Usage (blocked) The amount of blocked web requests over time.
Web Top Blocked Viruses The top web virus blocked.
Web Top Blocked Clients The top web clients by blocked virus count.
Web Top Blocked Sites The top web sites by blocked virus count.
Web Top Scanned Sites The top web sites by scan count.
FTP Usage (all) The amount of scanned and blocked FTP requests over time.
FTP Usage (scanned) The amount of scanned FTP requests over time.
FTP Usage (blocked) The amount of blocked FTP requests over time.
FTP Top Blocked Viruses The number of blocked viruses by FTP activity.
FTP Top Blocked Clients The number of clients with blocked viruses by FTP activity.
FTP Top Blocked Sites The number of clients with blocked viruses by FTP activity.
Email Usage (all) The amount of scanned and blocked email over time.
Email Usage (scanned) The amount of scanned email over time.
Email Usage (blocked) The amount of blocked email over time.
Email Top Blocked Viruses The number of blocked viruses by Email activity.
Email Top Blocked Clients The number of clients with blocked viruses by Email activity.
Email Top Blocked Sites The number of clients with blocked viruses by Email activity.
Scanned Web Events All HTTP sessions scanned by Virus Blocker Lite.
Infected Web Events Infected HTTP sessions blocked by Virus Blocker Lite.
Clean Web Events Scanned HTTP sessions marked clean.
Scanned Email Events All email sessions scanned by Virus Blocker Lite.
Infected Email Events Infected email sessions blocked by Virus Blocker Lite.
Clean Email Events Scanned email sessions marked clean.
Scanned Ftp Events All FTP sessions scanned by Virus Blocker Lite.
Infected Ftp Events Infected FTP sessions blocked by Virus Blocker Lite.
Clean Ftp Events Scanned FTP sessions marked clean.

<section end='Virus Blocker Lite' />


Shield Reports

<section begin='Shield' />

Report Entry Description
Scanned Sessions The amount of scanned and blocked sessions over time.
Blocked Sessions The amount of blocked sessions over time.
Top Blocked Usernames The number of blocked sessions grouped by username.
Top Blocked Clients The number of blocked sessions grouped by client.
Top Blocked Ports The number of blocked sessions grouped by server port.
Top Blocked Servers The number of blocked sessions grouped by server.
Top Blocked Hostnames The number of blocked sessions grouped by hostname.
Scanned Session Events All sessions scanned by Shield.
Blocked Session Events All sessions blocked by Shield.

<section end='Shield' />


Firewall Reports

<section begin='Firewall' />

Report Entry Description
Firewall Summary A summary of firewall actions.
Scanned Sessions The amount of scanned, flagged, and blocked sessions over time.
Top Scanned Hostnames The number of scanned session grouped by hostname.
Top Flagged Hostnames The number of flagged session grouped by hostname.
Top Blocked Hostnames The number of blocked sessions grouped by hostname.
Top Scanned Clients The number of scanned session grouped by client.
Top Flagged Clients The number of flagged session grouped by client.
Top Blocked Clients The number of blocked session grouped by client.
Top Scanned Usernames The number of scanned session grouped by username.
Top Flagged Usernames The number of flagged session grouped by username.
Top Blocked Usernames The number of blocked session grouped by username.
Top Scanned Server Ports The number of scanned session grouped by server (destination) port.
Top Flagged Server Ports The number of flagged session grouped by server (destination) port.
Top Blocked Server Ports The number of blocked session grouped by server (destination) port.
All Events All events scanned by Firewall App.
Flagged Events Events flagged by Firewall App.
Blocked Events Events blocked by Firewall App.

<section end='Firewall' />


OpenVPN Reports

<section begin='OpenVPN' />

Report Entry Description
OpenVPN Summary A summary of OpenVPN actions.
OpenVPN Bandwidth Usage The approximate amount of data transfered over openvpn connections.
OpenVPN Events The amount of login and logout events over time.
OpenVPN Sessions The amount of openvpn sessions over time.
Top Clients (by usage) The number of bytes transferred grouped by remote client.
Connection Events OpenVPN client connection events.
Statistic Events Shows all OpenVPN connection traffic statistics events.

<section end='OpenVPN' />


WAN Failover Reports

<section begin='WAN Failover' />

Report Entry Description
WAN Failover Summary A summary of WAN Failover actions.
WAN Disconnect Events The number of disconnect events grouped by WAN.
WAN Interface Outages The fails tests of each interface over time.
Outage Events Events where the failure threshold was exceeded and the WAN was considered offline.
Test Events All test events and their outcome.
Failed Test Events All tests that resulted in failure.
Success Test Events All tests that resulted in success.

<section end='WAN Failover' />

WireGuard VPN Reports

<section begin='WireGuard VPN' />

Report Entry Description
WireGuard VPN Summary A summary of WireGuard VPN traffic.
WireGuard VPN Bandwidth Usage The amount of traffic processed by the WireGuard service.
WireGuard VPN Events Time chart of WireGuard VPN connection events.
Top Remove Clients (by usage) The top WireGuard VPN peers by traffic usage.
Connection Events Shows all WireGuard VPN tunnel monitoring events.
Tunnel Traffic Events Shows all WireGuard tunnel traffic statistics events.

<section end='WireGuard VPN' />

Retrieved from "https://wiki.edge.arista.com/index.php?title=All_Reports&oldid=28410"