All Reports: Difference between revisions
No edit summary |
No edit summary |
||
Line 23: | Line 23: | ||
| width="25%" | Passed Session Events | | width="25%" | Passed Session Events | ||
| width="60%" | Sessions matching passed hosts. | | width="60%" | Sessions matching passed hosts. | ||
|- | |||
| width="25%" | All User Events | |||
| width="60%" | All user sessions processed by Captive Portal. | |||
|- | |- | ||
| width="25%" | Captured Session Events | | width="25%" | Captured Session Events | ||
| width="60%" | Sessions matching capture rules. | | width="60%" | Sessions matching capture rules. | ||
|- | |- | ||
| width="25%" | Login Success User Events | | width="25%" | Login Success User Events | ||
Line 153: | Line 153: | ||
| width="60%" | The number of settings changes over time. | | width="60%" | The number of settings changes over time. | ||
|- | |- | ||
| width="25%" | Admin | | width="25%" | Admin Login Events | ||
| width="60%" | All local administrator logins. | | width="60%" | All local administrator logins. | ||
|- | |- | ||
Line 163: | Line 163: | ||
== | == Bandwidth Control Reports == | ||
<section begin=' | <section begin='Bandwidth Control' /> | ||
{| border="1" cellpadding="2" width="85%%" align="center" | {| border="1" cellpadding="2" width="85%%" align="center" | ||
!Report Entry | !Report Entry | ||
!Description | !Description | ||
|- | |- | ||
| width="25%" | | | width="25%" | Bandwidth Control Summary | ||
| width="60%" | The | | width="60%" | A summary of Bandwidth Control actions. | ||
|- | |||
| width="25%" | Bandwidth Usage | |||
| width="60%" | The approximate averaged data transfer rate (total, sent, received) over time. | |||
|- | |||
| width="25%" | Top Hostnames Usage | |||
| width="60%" | The bandwidth usage of the top hostnames. | |||
|- | |||
| width="25%" | Top Hostnames (by total bytes) | |||
| width="60%" | The sum of the data transferred grouped by hostname. | |||
|- | |||
| width="25%" | Top Hostnames (by received bytes) | |||
| width="60%" | The sum of the received data grouped by hostname. | |||
|- | |||
| width="25%" | Top Hostnames (by sent bytes) | |||
| width="60%" | The sum of the sent data grouped by hostname. | |||
|- | |||
| width="25%" | Top Clients Usage | |||
| width="60%" | The bandwidth usage of the top clients. | |||
|- | |||
| width="25%" | Top Clients (by total bytes) | |||
| width="60%" | The sum of the data transferred grouped by client address. | |||
|- | |||
| width="25%" | Top Usernames Usage | |||
| width="60%" | The bandwidth usage of the top usernames. | |||
|- | |||
| width="25%" | Top Usernames (by total bytes) | |||
| width="60%" | The sum of the data transferred grouped by username. | |||
|- | |||
| width="25%" | Top Server Port Usage | |||
| width="60%" | The bandwidth usage by top server port. | |||
|- | |||
| width="25%" | Top Ports (by total bytes) | |||
| width="60%" | The sum of the data transferred grouped by server port. | |||
|- | |||
| width="25%" | Top Ports (by received bytes) | |||
| width="60%" | The sum of the data received grouped by server port. | |||
|- | |||
| width="25%" | Top Ports (by sent bytes) | |||
| width="60%" | The sum of the data sent grouped by server port. | |||
|- | |||
| width="25%" | Top Applications Usage | |||
| width="60%" | The bandwidth usage of the top applications. | |||
|- | |||
| width="25%" | Top Application (by total bytes) | |||
| width="60%" | The sum of the data transferred grouped by Application Control application. | |||
|- | |||
| width="25%" | Top Application (by received bytes) | |||
| width="60%" | The sum of the data sent grouped by Application Control application. | |||
|- | |||
| width="25%" | Top Application (by sent bytes) | |||
| width="60%" | The sum of the data sent grouped by Application Control application. | |||
|- | |||
| width="25%" | Top Categories Usage | |||
| width="60%" | The bandwidth usage of the top application categories. | |||
|- | |||
| width="25%" | Top Category (by total bytes) | |||
| width="60%" | The sum of the data transferred grouped by Application Control category. | |||
|- | |||
| width="25%" | Top Priorities Usage | |||
| width="60%" | The bandwidth usage by priority. | |||
|- | |||
| width="25%" | Top Priorities (by total bytes) | |||
| width="60%" | The sum of the data transferred grouped by priority. | |||
|- | |- | ||
| width="25%" | | | width="25%" | Top Countries Usage | ||
| width="60%" | The | | width="60%" | The bandwidth usage by top countries. | ||
|- | |- | ||
| width="25%" | | | width="25%" | Top Countries (by total bytes) | ||
| width="60%" | The | | width="60%" | The sum of the data transferred grouped by country. | ||
|- | |- | ||
| width="25%" | | | width="25%" | Bypassed (by total bytes) | ||
| width="60%" | The | | width="60%" | The sum of the data transferred grouped by bypassed. | ||
|- | |- | ||
| width="25%" | | | width="25%" | All Sessions | ||
| width="60%" | | | width="60%" | All sessions processed by Bandwidth Control. | ||
|- | |- | ||
| width="25%" | | | width="25%" | Quota Events | ||
| width="60%" | | | width="60%" | Shows when quotas are assigned or expired. | ||
|- | |- | ||
| width="25%" | | | width="25%" | Prioritized Sessions | ||
| width="60%" | All | | width="60%" | All sessions prioritized by Bandwidth Control. | ||
|- | |- | ||
|} | |} | ||
<section end=' | <section end='Bandwidth Control' /> | ||
Line 254: | Line 317: | ||
| width="25%" | Email Usage (spam) | | width="25%" | Email Usage (spam) | ||
| width="60%" | The amount of spam email over time. | | width="60%" | The amount of spam email over time. | ||
|- | |||
| width="25%" | Top Spam Recipients | |||
| width="60%" | The number of email addresses with spam. | |||
|- | |- | ||
| width="25%" | Spam Ratio | | width="25%" | Spam Ratio | ||
| width="60%" | The ratio of spam (true) to ham (false) | | width="60%" | The ratio of spam (true) to ham (false) | ||
|- | |- | ||
| width="25%" | Top Spam Sender Addresses | | width="25%" | Top Spam Sender Addresses | ||
Line 300: | Line 363: | ||
| width="25%" | Email Usage (phish) | | width="25%" | Email Usage (phish) | ||
| width="60%" | The amount of phish email over time. | | width="60%" | The amount of phish email over time. | ||
|- | |||
| width="25%" | Top Phish Recipients | |||
| width="60%" | The number of email addresses with phish. | |||
|- | |- | ||
| width="25%" | Phish Ratio | | width="25%" | Phish Ratio | ||
| width="60%" | The ratio of phish (true) to ham (false) | | width="60%" | The ratio of phish (true) to ham (false) | ||
|- | |- | ||
| width="25%" | Top Phish Sender Addresses | | width="25%" | Top Phish Sender Addresses | ||
Line 323: | Line 386: | ||
== | == Events Reports == | ||
<section begin=' | <section begin='Events' /> | ||
{| border="1" cellpadding="2" width="85%%" align="center" | {| border="1" cellpadding="2" width="85%%" align="center" | ||
!Report Entry | !Report Entry | ||
!Description | !Description | ||
|- | |- | ||
| width="25%" | | | width="25%" | Alerts | ||
| width="60%" | | | width="60%" | Alerts over time. | ||
|- | |||
| width="25%" | Syslog | |||
| width="60%" | Syslog events over time. | |||
|- | |||
| width="25%" | Top Syslog Events | |||
| width="60%" | The top syslog events. | |||
|- | |- | ||
| width="25%" | | | width="25%" | Top Alerts | ||
| width="60%" | The | | width="60%" | The top alerts. | ||
|- | |- | ||
| width="25%" | | | width="25%" | Alert Events | ||
| width="60%" | | | width="60%" | Log of all alerts created by alert rules. | ||
|- | |- | ||
| width="25%" | | | width="25%" | Syslog Events | ||
| width="60%" | | | width="60%" | Log of all events created by syslog rules. | ||
|- | |- | ||
|} | |} | ||
<section end=' | <section end='Events' /> | ||
Line 371: | Line 440: | ||
|} | |} | ||
<section end='Ad Blocker' /> | <section end='Ad Blocker' /> | ||
== Users Reports == | |||
<section begin='Users' /> | |||
{| border="1" cellpadding="2" width="85%%" align="center" | |||
!Report Entry | |||
!Description | |||
|- | |||
| width="25%" | Users Events | |||
| width="60%" | All updates to users in the user table. | |||
|- | |||
|} | |||
<section end='Users' /> | |||
== Policy Manager Reports == | |||
<section begin='Policy Manager' /> | |||
{| border="1" cellpadding="2" width="85%%" align="center" | |||
!Report Entry | |||
!Description | |||
|- | |||
| width="25%" | Policy Manager Summary | |||
| width="60%" | A summary of Policy Manager actions. | |||
|- | |||
| width="25%" | Top Policy Usage | |||
| width="60%" | The amount of bandwidth per policy. | |||
|- | |||
| width="25%" | Sessions By Policy | |||
| width="60%" | The number of sessions for each policy. | |||
|- | |||
| width="25%" | Traffic By Policy | |||
| width="60%" | The amount of traffic for each policy. | |||
|- | |||
| width="25%" | All Events | |||
| width="60%" | Lists all sessions with the policy manager rack that handled the session. | |||
|- | |||
|} | |||
<section end='Policy Manager' /> | |||
== Directory Connector Reports == | |||
<section begin='Directory Connector' /> | |||
{| border="1" cellpadding="2" width="85%%" align="center" | |||
!Report Entry | |||
!Description | |||
|- | |||
| width="25%" | Directory Connector Summary | |||
| width="60%" | A summary of Directory Connector actions. | |||
|- | |||
| width="25%" | API Usage | |||
| width="60%" | The amount of login, update and logout user notification API events over time. | |||
|- | |||
| width="25%" | API Events | |||
| width="60%" | Events from the user notification API. | |||
|- | |||
|} | |||
<section end='Directory Connector' /> | |||
Line 412: | Line 538: | ||
| width="25%" | Email Usage (spam) | | width="25%" | Email Usage (spam) | ||
| width="60%" | The amount of spam email over time. | | width="60%" | The amount of spam email over time. | ||
|- | |||
| width="25%" | Top Spam Recipients | |||
| width="60%" | The number of email addresses with spam. | |||
|- | |- | ||
| width="25%" | Spam Ratio | | width="25%" | Spam Ratio | ||
| width="60%" | The ratio of spam (true) to ham (false) | | width="60%" | The ratio of spam (true) to ham (false) | ||
|- | |- | ||
| width="25%" | Top Spam Sender Addresses | | width="25%" | Top Spam Sender Addresses | ||
Line 447: | Line 573: | ||
| width="60%" | A summary of SSL Inspector actions. | | width="60%" | A summary of SSL Inspector actions. | ||
|- | |- | ||
| width="25%" | Scanned | | width="25%" | Sessions Scanned | ||
| width="60%" | The amount of SSL sessions over time. | | width="60%" | The amount of SSL sessions over time. | ||
|- | |- | ||
| width="25%" | Inspected | | width="25%" | Sessions Inspected | ||
| width="60%" | The amount of inspected SSL sessions over time. | | width="60%" | The amount of inspected SSL sessions over time. | ||
|- | |- | ||
Line 489: | Line 615: | ||
| width="25%" | Application Control Summary | | width="25%" | Application Control Summary | ||
| width="60%" | A summary of Application Control actions. | | width="60%" | A summary of Application Control actions. | ||
|- | |||
| width="25%" | Top Applications Usage | |||
| width="60%" | The amount of bandwidth per top application. | |||
|- | |- | ||
| width="25%" | Scanned Sessions (all) | | width="25%" | Scanned Sessions (all) | ||
Line 513: | Line 642: | ||
| width="25%" | Top Blocked Applications | | width="25%" | Top Blocked Applications | ||
| width="60%" | The number of blocked sessions grouped by application. | | width="60%" | The number of blocked sessions grouped by application. | ||
|- | |- | ||
| width="25%" | Top Flagged Hostnames | | width="25%" | Top Flagged Hostnames | ||
Line 629: | Line 755: | ||
| width="60%" | The number of web requests grouped by category. | | width="60%" | The number of web requests grouped by category. | ||
|- | |- | ||
| width="25%" | Top | | width="25%" | Top Content (by size) | ||
| width="60%" | The sum of the size of requested web content grouped by category. | | width="60%" | The sum of the size of requested web content grouped by category. | ||
|- | |- | ||
Line 723: | Line 849: | ||
|- | |- | ||
| width="25%" | Intrusion Detection (logged) | | width="25%" | Intrusion Detection (logged) | ||
| width="60%" | The amount of detected | | width="60%" | The amount of detected intrusions over time. | ||
|- | |- | ||
| width="25%" | Intrusion Detection (blocked) | | width="25%" | Intrusion Detection (blocked) | ||
Line 786: | Line 912: | ||
== | == Devices Reports == | ||
<section begin=' | <section begin='Devices' /> | ||
{| border="1" cellpadding="2" width="85%%" align="center" | {| border="1" cellpadding="2" width="85%%" align="center" | ||
!Report Entry | !Report Entry | ||
!Description | !Description | ||
|- | |- | ||
| width="25%" | | | width="25%" | Devices Additions | ||
| width="60%" | | | width="60%" | The amount of devices add and removed from the device table over time. | ||
|- | |- | ||
| width="25%" | | | width="25%" | Devices Updates | ||
| width="60%" | The | | width="60%" | The number of updates to the device table over time. | ||
|- | |- | ||
| width="25%" | | | width="25%" | Devices Events | ||
| width="60%" | | | width="60%" | All updates to devices in the device table. | ||
|- | |- | ||
|} | |} | ||
<section end=' | <section end='Devices' /> | ||
== | == System Reports == | ||
<section begin=' | <section begin='System' /> | ||
{| border="1" cellpadding="2" width="85%%" align="center" | {| border="1" cellpadding="2" width="85%%" align="center" | ||
!Report Entry | !Report Entry | ||
!Description | !Description | ||
|- | |- | ||
| width="25%" | | | width="25%" | CPU Load | ||
| width="60%" | | | width="60%" | The CPU load over time. | ||
|- | |- | ||
| width="25%" | | | width="25%" | Disk Usage | ||
| width="60%" | The | | width="60%" | The disk utilization over time. | ||
|- | |- | ||
| width="25%" | | | width="25%" | Memory Usage | ||
| width="60%" | The | | width="60%" | The amount of free memory over time. | ||
|- | |- | ||
| width="25%" | | | width="25%" | Swap Usage | ||
| width="60%" | The | | width="60%" | The swap utilization over time as a percent of total swap size . | ||
|- | |- | ||
| width="25%" | | | width="25%" | Swap Usage Bytes | ||
| width="60%" | The | | width="60%" | The swap utilization over time. | ||
|- | |- | ||
| width="25%" | | | width="25%" | Highest Active Hosts | ||
| width="60%" | The | | width="60%" | The highest number of active hosts. | ||
|- | |- | ||
| width="25%" | | | width="25%" | Server Status Events | ||
| width="60%" | All system status events. | |||
| width="60%" | All | |||
|- | |- | ||
|} | |} | ||
<section end=' | <section end='System' /> | ||
Line 932: | Line 979: | ||
| width="25%" | Hosts Events | | width="25%" | Hosts Events | ||
| width="60%" | All updates to hosts in the host table. | | width="60%" | All updates to hosts in the host table. | ||
|- | |- | ||
| width="25%" | Penalty Box Events | | width="25%" | Penalty Box Events | ||
| width="60%" | Shows when hosts are | | width="60%" | Shows when hosts are tagged with penalty-box or have the tag removed. | ||
|- | |- | ||
|} | |} | ||
<section end='Hosts' /> | <section end='Hosts' /> | ||
Line 1,061: | Line 1,086: | ||
| width="60%" | The number of web requests grouped by category. | | width="60%" | The number of web requests grouped by category. | ||
|- | |- | ||
| width="25%" | Top | | width="25%" | Top Content (by size) | ||
| width="60%" | The sum of the size of requested web content grouped by category. | | width="60%" | The sum of the size of requested web content grouped by category. | ||
|- | |- | ||
Line 1,097: | Line 1,122: | ||
| width="25%" | Virus Blocker Web Summary | | width="25%" | Virus Blocker Web Summary | ||
| width="60%" | A summary of virus blocking actions for web activity. | | width="60%" | A summary of virus blocking actions for web activity. | ||
|- | |||
| width="25%" | Virus Blocker Email Summary | |||
| width="60%" | A summary of virus blocking actions for Email activity. | |||
|- | |- | ||
| width="25%" | Virus Blocker FTP Summary | | width="25%" | Virus Blocker FTP Summary | ||
| width="60%" | A summary of virus blocking actions for FTP activity. | | width="60%" | A summary of virus blocking actions for FTP activity. | ||
|- | |- | ||
| width="25%" | Web Usage (all) | | width="25%" | Web Usage (all) | ||
Line 1,200: | Line 1,225: | ||
| width="25%" | Virus Blocker Lite Web Summary | | width="25%" | Virus Blocker Lite Web Summary | ||
| width="60%" | A summary of virus blocking actions for web activity. | | width="60%" | A summary of virus blocking actions for web activity. | ||
|- | |||
| width="25%" | Virus Blocker Lite Email Summary | |||
| width="60%" | A summary of virus blocking actions for Email activity. | |||
|- | |- | ||
| width="25%" | Virus Blocker Lite FTP Summary | | width="25%" | Virus Blocker Lite FTP Summary | ||
| width="60%" | A summary of virus blocking actions for FTP activity. | | width="60%" | A summary of virus blocking actions for FTP activity. | ||
|- | |- | ||
| width="25%" | Web Usage (all) | | width="25%" | Web Usage (all) | ||
Line 1,306: | Line 1,331: | ||
| width="25%" | Blocked Sessions | | width="25%" | Blocked Sessions | ||
| width="60%" | The amount of blocked sessions over time. | | width="60%" | The amount of blocked sessions over time. | ||
|- | |||
| width="25%" | Top Blocked Ports | |||
| width="60%" | The number of blocked sessions grouped by server port. | |||
|- | |- | ||
| width="25%" | Top Blocked Clients | | width="25%" | Top Blocked Clients | ||
| width="60%" | The number of blocked sessions grouped by client. | | width="60%" | The number of blocked sessions grouped by client. | ||
|- | |||
| width="25%" | Top Blocked Hostnames | |||
| width="60%" | The number of blocked sessions grouped by hostname. | |||
|- | |- | ||
| width="25%" | Top Blocked Usernames | | width="25%" | Top Blocked Usernames | ||
| width="60%" | The number of blocked sessions grouped by username. | | width="60%" | The number of blocked sessions grouped by username. | ||
|- | |- | ||
| width="25%" | Scanned Session Events | | width="25%" | Scanned Session Events | ||
Line 1,385: | Line 1,413: | ||
|} | |} | ||
<section end='Firewall' /> | <section end='Firewall' /> | ||
Revision as of 20:28, 14 June 2017
Captive Portal Reports
<section begin='Captive Portal' />
Report Entry | Description |
---|---|
Captive Portal Summary | A summary of Captive Portal actions. |
Activity Summary | A summary of Captive Portal activity. |
Top Active Users | The top active users that logged in to Captive Portal. |
Top Blocked Clients | The top clients that were blocked by Captive Portal because they were not logged in. |
All Session Events | All sessions processed by Captive Portal. |
Passed Session Events | Sessions matching passed hosts. |
All User Events | All user sessions processed by Captive Portal. |
Captured Session Events | Sessions matching capture rules. |
Login Success User Events | Successful logins to Captive Portal. |
Login Failure User Events | Failed logins to Captive Portal. |
Session Timeout User Events | Sessions that reached the session timeout. |
Idle Timeout User Events | Sessions that reached the idle timeout. |
User Logout User Events | All user logout events. |
Admin Logout User Events | Sessions logged off by the admin. |
<section end='Captive Portal' />
Configuration Backup Reports
<section begin='Configuration Backup' />
Report Entry | Description |
---|---|
Configuration Backup Summary | A summary of configuration backup actions. |
Backup Usage (all) | The amount of successes, and failures of configuration backup over time. |
Backup Usage (success) | The amount of successful configuration backups over time. |
Backup Usage (failed) | The amount of failed configuration backups over time. |
Backup Events | All Configuration Backup events. |
<section end='Configuration Backup' />
Network Reports
<section begin='Network' />
Report Entry | Description |
---|---|
Network Summary | A summary of network traffic. |
Sessions | The amount of total, scanned, and bypassed sessions over time. |
Sessions Per Minute | The amount of total, scanned, and bypassed sessions created per minute. |
Sessions Per Hour | The amount of total, scanned, and bypassed sessions created per hour. |
Bandwidth Usage | The approximate averaged data transfer rate (total, sent, received) over time. |
Top Client Addresses | The number of sessions grouped by client (source) address. |
Top Server Addresses | The number of sessions grouped by server (destination) address. |
Top IP Protocols | The number of sessions grouped by IP protocol number. |
Top Server Ports | The number of sessions grouped by server (destination) port. |
Top Server Countries | The number of sessions grouped by server (destination) country. |
Interface Usage | The RX rate of each interface over time. |
All Sessions | All sessions handled by Untangle. |
Scanned Sessions | All sessions that were not bypassed. |
Bypassed Sessions | All sessions matching a bypass rule and bypassed. |
Blocked Sessions | All sessions blocked by filter rules. |
Port Forwarded Sessions | All sessions match a port forward rule. |
NATd Sessions | All sessions that have been NATd by Untangle. |
All Session Minutes | All sessions by minute. |
<section end='Network' />
Administration Reports
<section begin='Administration' />
Report Entry | Description |
---|---|
Admin Logins | The number of total, successful, and failed admin logins over time. |
Settings Changes | The number of settings changes over time. |
Admin Login Events | All local administrator logins. |
All Settings Changes | All settings changes performed by an administrator. |
<section end='Administration' />
Bandwidth Control Reports
<section begin='Bandwidth Control' />
Report Entry | Description |
---|---|
Bandwidth Control Summary | A summary of Bandwidth Control actions. |
Bandwidth Usage | The approximate averaged data transfer rate (total, sent, received) over time. |
Top Hostnames Usage | The bandwidth usage of the top hostnames. |
Top Hostnames (by total bytes) | The sum of the data transferred grouped by hostname. |
Top Hostnames (by received bytes) | The sum of the received data grouped by hostname. |
Top Hostnames (by sent bytes) | The sum of the sent data grouped by hostname. |
Top Clients Usage | The bandwidth usage of the top clients. |
Top Clients (by total bytes) | The sum of the data transferred grouped by client address. |
Top Usernames Usage | The bandwidth usage of the top usernames. |
Top Usernames (by total bytes) | The sum of the data transferred grouped by username. |
Top Server Port Usage | The bandwidth usage by top server port. |
Top Ports (by total bytes) | The sum of the data transferred grouped by server port. |
Top Ports (by received bytes) | The sum of the data received grouped by server port. |
Top Ports (by sent bytes) | The sum of the data sent grouped by server port. |
Top Applications Usage | The bandwidth usage of the top applications. |
Top Application (by total bytes) | The sum of the data transferred grouped by Application Control application. |
Top Application (by received bytes) | The sum of the data sent grouped by Application Control application. |
Top Application (by sent bytes) | The sum of the data sent grouped by Application Control application. |
Top Categories Usage | The bandwidth usage of the top application categories. |
Top Category (by total bytes) | The sum of the data transferred grouped by Application Control category. |
Top Priorities Usage | The bandwidth usage by priority. |
Top Priorities (by total bytes) | The sum of the data transferred grouped by priority. |
Top Countries Usage | The bandwidth usage by top countries. |
Top Countries (by total bytes) | The sum of the data transferred grouped by country. |
Bypassed (by total bytes) | The sum of the data transferred grouped by bypassed. |
All Sessions | All sessions processed by Bandwidth Control. |
Quota Events | Shows when quotas are assigned or expired. |
Prioritized Sessions | All sessions prioritized by Bandwidth Control. |
<section end='Bandwidth Control' />
Application Control Lite Reports
<section begin='Application Control Lite' />
Report Entry | Description |
---|---|
Application Control Lite Summary | A summary of Application Control Lite actions. |
Detection Statistics | The number of logged and blocked sessions over time. |
Top Blocked Protocols | The top blocked sessions by protocol. |
Top Logged Protocols | The top logged sessions by protocol. |
Top Blocked Hosts | The top blocked sessions by host. |
Top Logged Hosts | The top logged sessions by host. |
Top Blocked Users | The top blocked sessions by user. |
Top Logged Users | The top logged sessions by user. |
All Events | All sessions scanned by Application Control Lite. |
Blocked Events | All sessions matching an application signature and blocked. |
<section end='Application Control Lite' />
Spam Blocker Lite Reports
<section begin='Spam Blocker Lite' />
Report Entry | Description |
---|---|
Spam Blocker Lite Summary | A summary of spam blocking actions for email activity. |
Email Usage (all) | The amount of scanned, clean, and spam email over time. |
Email Usage (scanned) | The amount of scanned email over time. |
Email Usage (clean) | The amount of clean email over time. |
Email Usage (spam) | The amount of spam email over time. |
Top Spam Recipients | The number of email addresses with spam. |
Spam Ratio | The ratio of spam (true) to ham (false) |
Top Spam Sender Addresses | The number of IP addresses sending spam. |
All Email Events | All emails scanned by Spam Blocker. |
All Spam Events | All emails marked as Spam. |
Quarantined Events | All emails marked as Spam and quarantined. |
Tarpit Events | All email sessions that were tarpitted. |
<section end='Spam Blocker Lite' />
Phish Blocker Reports
<section begin='Phish Blocker' />
Report Entry | Description |
---|---|
Phish Blocker Summary | A summary of phish blocking actions for email activity. |
Email Usage (all) | The amount of scanned, clean, and phish email over time. |
Email Usage (scanned) | The amount of scanned email over time. |
Email Usage (clean) | The amount of clean email over time. |
Email Usage (phish) | The amount of phish email over time. |
Top Phish Recipients | The number of email addresses with phish. |
Phish Ratio | The ratio of phish (true) to ham (false) |
Top Phish Sender Addresses | The number of IP addresses sending phish. |
All Email Events | All email sessions scanned by Phish Blocker. |
All Phish Events | All email sessions detected as phishing attempts. |
Quarantined Events | All email sessions detected as phishing attempts and quarantined. |
<section end='Phish Blocker' />
Events Reports
<section begin='Events' />
Report Entry | Description |
---|---|
Alerts | Alerts over time. |
Syslog | Syslog events over time. |
Top Syslog Events | The top syslog events. |
Top Alerts | The top alerts. |
Alert Events | Log of all alerts created by alert rules. |
Syslog Events | Log of all events created by syslog rules. |
<section end='Events' />
Ad Blocker Reports
<section begin='Ad Blocker' />
Report Entry | Description |
---|---|
Ad Blocker Summary | A summary of ad blocker actions. |
Ads Blocked | The amount of detected and blocked ads over time. |
Top Blocked Ad Sites | The number of blocked ads grouped by website. |
All Ad Events | All HTTP requests scanned by Ad Blocker. |
Blocked Ad Events | HTTP requests blocked by Ad Blocker. |
Blocked Cookie Events | Requests blocked by cookie filters. |
<section end='Ad Blocker' />
Users Reports
<section begin='Users' />
Report Entry | Description |
---|---|
Users Events | All updates to users in the user table. |
<section end='Users' />
Policy Manager Reports
<section begin='Policy Manager' />
Report Entry | Description |
---|---|
Policy Manager Summary | A summary of Policy Manager actions. |
Top Policy Usage | The amount of bandwidth per policy. |
Sessions By Policy | The number of sessions for each policy. |
Traffic By Policy | The amount of traffic for each policy. |
All Events | Lists all sessions with the policy manager rack that handled the session. |
<section end='Policy Manager' />
Directory Connector Reports
<section begin='Directory Connector' />
Report Entry | Description |
---|---|
Directory Connector Summary | A summary of Directory Connector actions. |
API Usage | The amount of login, update and logout user notification API events over time. |
API Events | Events from the user notification API. |
<section end='Directory Connector' />
WAN Balancer Reports
<section begin='WAN Balancer' />
Report Entry | Description |
---|---|
WAN Balancer Summary | A summary of WAN Balancer actions. |
Sessions By Interface | The number of sessions destined to each interface. |
Bytes By Interface | The number of bytes destined to each interface. |
<section end='WAN Balancer' />
Spam Blocker Reports
<section begin='Spam Blocker' />
Report Entry | Description |
---|---|
Spam Blocker Summary | A summary of spam blocking actions for email activity. |
Email Usage (all) | The amount of scanned, clean, and spam email over time. |
Email Usage (scanned) | The amount of scanned email over time. |
Email Usage (clean) | The amount of clean email over time. |
Email Usage (spam) | The amount of spam email over time. |
Top Spam Recipients | The number of email addresses with spam. |
Spam Ratio | The ratio of spam (true) to ham (false) |
Top Spam Sender Addresses | The number of IP addresses sending spam. |
All Email Events | All emails scanned by Spam Blocker. |
All Spam Events | All emails marked as Spam. |
Quarantined Events | All emails marked as Spam and quarantined. |
Tarpit Events | All email sessions that were tarpitted. |
<section end='Spam Blocker' />
SSL Inspector Reports
<section begin='SSL Inspector' />
Report Entry | Description |
---|---|
SSL Inspector Summary | A summary of SSL Inspector actions. |
Sessions Scanned | The amount of SSL sessions over time. |
Sessions Inspected | The amount of inspected SSL sessions over time. |
Top Inspected Sites | The number of inspected sessions grouped by site. |
Top Ignored Sites | The number of ignored sessions grouped by site. |
All Sessions | All sessions detected by SSL Inspector. |
Inspected Sessions | Events where traffic was fully processed by the inspector, and all traffic was passed through all the other applications and services. |
Ignored Sessions | Events where traffic was not or could not be inspected, so the traffic was completely ignored and not analyzed by any applications or services. |
Blocked Sessions | Events where traffic was blocked because it did not contain a valid SSL request, and the Block Invalid Traffic option was enabled. |
Untrusted Sessions | Events where traffic was blocked because the server certificate could not be authenticated. |
Abandoned Sessions | Events where traffic was blocked due to an underlying problems with the SSL session. |
<section end='SSL Inspector' />
Application Control Reports
<section begin='Application Control' />
Report Entry | Description |
---|---|
Application Control Summary | A summary of Application Control actions. |
Top Applications Usage | The amount of bandwidth per top application. |
Scanned Sessions (all) | The amount of scanned, flagged, and blocked sessions over time. |
Scanned Sessions (flagged) | The amount of flagged, and blocked sessions over time. |
Scanned Sessions (blocked) | The amount of flagged, and blocked sessions over time. |
Top Categories (by sessions) | The number of sessions grouped by category. |
Top Applications (by sessions) | The number of sessions grouped by application. |
Top Applications (by size) | The number of bytes grouped by application. |
Top Flagged Applications | The number of flagged sessions grouped by application. |
Top Blocked Applications | The number of blocked sessions grouped by application. |
Top Flagged Hostnames | The number of flagged sessions grouped by hostname. |
Top Blocked Hostnames | The number of blocked sessions grouped by hostname. |
Top Flagged Clients | The number of flagged sessions grouped by client. |
Top Blocked Clients | The number of blocked sessions grouped by client. |
Top Flagged Usernames | The number of flagged sessions grouped by username. |
Top Blocked Usernames | The number of blocked sessions grouped by username. |
Classified Sessions | All sessions matching an application control signature. |
Flagged Sessions | All sessions matching an application control signature and flagged. |
Blocked Sessions | All sessions matching an application control signature and blocked. |
All Sessions | All sessions scanned by Application Control. |
<section end='Application Control' />
Web Monitor Reports
<section begin='Web Monitor' />
Report Entry | Description |
---|---|
Web Monitor Summary | A summary of web monitor actions. |
Web Usage | The amount of total and flagged web requests over time. |
Web Usage (scanned) | The amount of total web requests over time. |
Web Usage (flagged) | The amount of flagged web requests over time. |
Top Categories (by request) | The number of web requests grouped by category. |
Top Categories (by size) | The sum of the size of requested web content grouped by category. |
Top Flagged Categories | The number of flagged web requests grouped by category. |
Top Sites (by request) | The number of web requests grouped by website. |
Top Sites (by size) | The sum of the size of requested web content grouped by website. |
Top Flagged Sites | The number of flagged web requests grouped by website. |
Top Domains (by request) | The number of web requests grouped by domain. |
Top Domains (by size) | The sum of the size of requested web content grouped by domain. |
Top Flagged Domains | The number of flagged web requests grouped by domain. |
Top Domains Usage | The amount of web requests per top domain. |
Top Hostnames (by requests) | The number of web requests grouped by hostname. |
Top Hostnames (by size) | The sum of the size of requested web content grouped by hostname. |
Top Flagged Hostnames | The number of flagged web request grouped by hostname. |
Top Clients (by requests) | The number of web requests grouped by client. |
Top Clients (by size) | The sum of the size of requested web content grouped by client. |
Top Flagged Clients | The number of flagged web request grouped by client. |
Top Usernames (by requests) | The number of web requests grouped by username. |
Top Usernames (by size) | The sum of the size of requested web content grouped by username. |
Top Flagged Usernames | The number of flagged web request grouped by username. |
Top Content (by request) | The number of web requests grouped by category. |
Top Content (by size) | The sum of the size of requested web content grouped by category. |
All Web Events | Shows all scanned web requests. |
Flagged Web Events | Shows all flagged web requests. |
All HTTP Events | Shows all scanned unencrypted HTTP requests. |
All HTTPS Events | Shows all encrypted HTTPS requests. |
All Query Events | Shows all search querires processed by Web Monitor. |
<section end='Web Monitor' />
Web Cache Reports
<section begin='Web Cache' />
Report Entry | Description |
---|---|
Web Cache Summary | A summary of Web Cache actions. |
Cache Hit/Miss Statistics | The number of cache hits, misses, and sessions bypassed over time. |
Cache Size Statistics | The amount of cached and uncached web data over time. |
Web Cache Events | All HTTP events processed by Web Cache. |
<section end='Web Cache' />
IPsec VPN Reports
<section begin='IPsec VPN' />
Report Entry | Description |
---|---|
IPsec VPN Summary | A summary of IPsec VPN actions. |
Hourly Tunnel Traffic | The amount of IPsec tunnel traffic over time. |
Top Tunnel Traffic | The amount of traffic for each IPsec tunnel. |
Top Active Users | The top IPsec VPN users by number of sessions. |
Top Download Users | The top IPsec users grouped by amount of data downloaded. |
Top Upload Users | The top IPsec users grouped by amount of data uploaded. |
Top Protocols | The top IPsec VPN connections by protocol. |
L2TP/Xauth Events | Shows all user L2TP/Xauth events. |
Tunnel Traffic Events | Shows all IPsec tunnel traffic statistics events. |
<section end='IPsec VPN' />
Intrusion Prevention Reports
<section begin='Intrusion Prevention' />
Report Entry | Description |
---|---|
Intrusion Prevention Summary | A summary of intrusion detection and prevention actions. |
Intrusion Detection (all) | The amount of detected and blocked intrusions over time. |
Intrusion Detection (logged) | The amount of detected intrusions over time. |
Intrusion Detection (blocked) | The amount of blocked intrusions over time. |
Top Rules (logged) | The number of intrusions detected grouped by rule. |
Top Rules (blocked) | The number of intrusions blocked by rule. |
Top Classtypes (logged) | The number of intrusions detected grouped by classtype. |
Top Classtypes (blocked) | The number of intrusions blocked by classtype. |
Top Categories (logged) | The number of intrusions detected grouped by category. |
Top Categories (blocked) | The number of intrusions blocked by category. |
Top Source IP Addresses (logged) | The number of intrusions detected grouped by source IP address. |
Top Source IP Addresses (blocked) | The number of intrusions blocked by source IP address. |
Top Source Ports (logged) | The number of intrusions detected grouped by source port. |
Top Source Port (blocked) | The number of intrusions blocked by source port. |
Top Destination IP Addresses (logged) | The number of intrusions detected grouped by destination IP address. |
Top Destination IP Addresses (blocked) | The number of intrusions blocked by destination IP address. |
Top Destination Ports (logged) | The number of intrusions detected grouped by destination port. |
Top Destination Port (blocked) | The number of intrusions blocked by destination port. |
Top Protocols (logged) | The number of intrusions detected grouped by protocol. |
Top Protocols (blocked) | The number of intrusions blocked by protocol. |
All Events | All sessions scanned by Intrusion Prevention. |
Blocked Events | All sessions matching Intrusion Prevention signatures and blocked. |
<section end='Intrusion Prevention' />
Devices Reports
<section begin='Devices' />
Report Entry | Description |
---|---|
Devices Additions | The amount of devices add and removed from the device table over time. |
Devices Updates | The number of updates to the device table over time. |
Devices Events | All updates to devices in the device table. |
<section end='Devices' />
System Reports
<section begin='System' />
Report Entry | Description |
---|---|
CPU Load | The CPU load over time. |
Disk Usage | The disk utilization over time. |
Memory Usage | The amount of free memory over time. |
Swap Usage | The swap utilization over time as a percent of total swap size . |
Swap Usage Bytes | The swap utilization over time. |
Highest Active Hosts | The highest number of active hosts. |
Server Status Events | All system status events. |
<section end='System' />
Hosts Reports
<section begin='Hosts' />
Report Entry | Description |
---|---|
Hosts Active | The amount of active hosts by time. |
Hosts Additions | The amount of hosts add and removed from the host table over time. |
Hosts Updates | The number of updates to the host table over time. |
Hosts Events | All updates to hosts in the host table. |
Penalty Box Events | Shows when hosts are tagged with penalty-box or have the tag removed. |
<section end='Hosts' />
Web Filter Reports
<section begin='Web Filter' />
Report Entry | Description |
---|---|
Web Filter Summary | A summary of web filter actions. |
Web Usage | The amount of total, flagged, and blocked web requests over time. |
Web Usage (scanned) | The amount of total, flagged, and blocked web requests over time. |
Web Usage (flagged) | The amount of flagged, and blocked web requests over time. |
Web Usage (blocked) | The amount of flagged, and blocked web requests over time. |
Top Categories (by request) | The number of web requests grouped by category. |
Top Categories (by size) | The sum of the size of requested web content grouped by category. |
Top Flagged Categories | The number of flagged web requests grouped by category. |
Top Blocked Categories | The number of blocked web requests grouped by category. |
Top Sites (by request) | The number of web requests grouped by website. |
Top Sites (by size) | The sum of the size of requested web content grouped by website. |
Top Flagged Sites | The number of flagged web requests grouped by website. |
Top Blocked Sites | The number of blocked web requests grouped by website. |
Top Domains (by request) | The number of web requests grouped by domain. |
Top Domains (by size) | The sum of the size of requested web content grouped by domain. |
Top Flagged Domains | The number of flagged web requests grouped by domain. |
Top Blocked Domains | The number of blocked web requests grouped by domain. |
Top Domains Usage | The amount of web requests per top domain. |
Top Hostnames (by requests) | The number of web requests grouped by hostname. |
Top Hostnames (by size) | The sum of the size of requested web content grouped by hostname. |
Top Flagged Hostnames | The number of flagged web request grouped by hostname. |
Top Blocked Hostnames | The number of blocked web request grouped by hostname. |
Top Clients (by requests) | The number of web requests grouped by client. |
Top Clients (by size) | The sum of the size of requested web content grouped by client. |
Top Flagged Clients | The number of flagged web request grouped by client. |
Top Blocked Clients | The number of blocked web request grouped by client. |
Top Usernames (by requests) | The number of web requests grouped by username. |
Top Usernames (by size) | The sum of the size of requested web content grouped by username. |
Top Flagged Usernames | The number of flagged web request grouped by username. |
Top Blocked Usernames | The number of blocked web request grouped by username. |
Top Content (by request) | The number of web requests grouped by category. |
Top Content (by size) | The sum of the size of requested web content grouped by category. |
All Web Events | Shows all scanned web requests. |
Flagged Web Events | Shows all flagged web requests. |
Blocked Web Events | Shows all blocked web requests. |
All HTTP Events | Shows all scanned unencrypted HTTP requests. |
All HTTPS Events | Shows all encrypted HTTPS requests. |
Unblocked Web Events | Shows all unblocked web requests |
All Query Events | Shows all search querires processed by Web Filter. |
<section end='Web Filter' />
Virus Blocker Reports
<section begin='Virus Blocker' />
Report Entry | Description |
---|---|
Virus Blocker Web Summary | A summary of virus blocking actions for web activity. |
Virus Blocker Email Summary | A summary of virus blocking actions for Email activity. |
Virus Blocker FTP Summary | A summary of virus blocking actions for FTP activity. |
Web Usage (all) | The amount of scanned and blocked web requests over time. |
Web Usage (scanned) | The amount of scanned web requests over time. |
Web Usage (blocked) | The amount of blocked web requests over time. |
Web Top Blocked Viruses | The top web virus blocked. |
Web Top Blocked Clients | The top web clients by blocked virus count. |
Web Top Blocked Sites | The top web sites by blocked virus count. |
Web Top Scanned Sites | The top web sites by scan count. |
FTP Usage (all) | The amount of scanned and blocked FTP requests over time. |
FTP Usage (scanned) | The amount of scanned FTP requests over time. |
FTP Usage (blocked) | The amount of blocked FTP requests over time. |
FTP Top Blocked Viruses | The number of blocked viruses by FTP activity. |
FTP Top Blocked Clients | The number of clients with blocked viruses by FTP activity. |
FTP Top Blocked Sites | The number of clients with blocked viruses by FTP activity. |
Email Usage (all) | The amount of scanned and blocked email over time. |
Email Usage (scanned) | The amount of scanned email over time. |
Email Usage (blocked) | The amount of blocked email over time. |
Email Top Blocked Viruses | The number of blocked viruses by Email activity. |
Email Top Blocked Clients | The number of clients with blocked viruses by Email activity. |
Email Top Blocked Sites | The number of clients with blocked viruses by Email activity. |
Scanned Web Events | All HTTP sessions scanned by Virus Blocker. |
Infected Web Events | Infected HTTP sessions blocked by Virus Blocker. |
Clean Web Events | Scanned HTTP sessions marked clean. |
Scanned Email Events | All email sessions scanned by Virus Blocker. |
Infected Email Events | Infected email sessions blocked by Virus Blocker. |
Clean Email Events | Scanned email sessions marked clean. |
Scanned Ftp Events | All FTP sessions scanned by Virus Blocker. |
Infected Ftp Events | Infected FTP sessions blocked by Virus Blocker. |
Clean Ftp Events | Scanned FTP sessions marked clean. |
<section end='Virus Blocker' />
Virus Blocker Lite Reports
<section begin='Virus Blocker Lite' />
Report Entry | Description |
---|---|
Virus Blocker Lite Web Summary | A summary of virus blocking actions for web activity. |
Virus Blocker Lite Email Summary | A summary of virus blocking actions for Email activity. |
Virus Blocker Lite FTP Summary | A summary of virus blocking actions for FTP activity. |
Web Usage (all) | The amount of scanned and blocked web requests over time. |
Web Usage (scanned) | The amount of scanned web requests over time. |
Web Usage (blocked) | The amount of blocked web requests over time. |
Web Top Blocked Viruses | The top web virus blocked. |
Web Top Blocked Clients | The top web clients by blocked virus count. |
Web Top Blocked Sites | The top web sites by blocked virus count. |
Web Top Scanned Sites | The top web sites by scan count. |
FTP Usage (all) | The amount of scanned and blocked FTP requests over time. |
FTP Usage (scanned) | The amount of scanned FTP requests over time. |
FTP Usage (blocked) | The amount of blocked FTP requests over time. |
FTP Top Blocked Viruses | The number of blocked viruses by FTP activity. |
FTP Top Blocked Clients | The number of clients with blocked viruses by FTP activity. |
FTP Top Blocked Sites | The number of clients with blocked viruses by FTP activity. |
Email Usage (all) | The amount of scanned and blocked email over time. |
Email Usage (scanned) | The amount of scanned email over time. |
Email Usage (blocked) | The amount of blocked email over time. |
Email Top Blocked Viruses | The number of blocked viruses by Email activity. |
Email Top Blocked Clients | The number of clients with blocked viruses by Email activity. |
Email Top Blocked Sites | The number of clients with blocked viruses by Email activity. |
Scanned Web Events | All HTTP sessions scanned by Virus Blocker Lite. |
Infected Web Events | Infected HTTP sessions blocked by Virus Blocker Lite. |
Clean Web Events | Scanned HTTP sessions marked clean. |
Scanned Email Events | All email sessions scanned by Virus Blocker Lite. |
Infected Email Events | Infected email sessions blocked by Virus Blocker Lite. |
Clean Email Events | Scanned email sessions marked clean. |
Scanned Ftp Events | All FTP sessions scanned by Virus Blocker Lite. |
Infected Ftp Events | Infected FTP sessions blocked by Virus Blocker Lite. |
Clean Ftp Events | Scanned FTP sessions marked clean. |
<section end='Virus Blocker Lite' />
Shield Reports
<section begin='Shield' />
Report Entry | Description |
---|---|
Scanned Sessions | The amount of scanned and blocked sessions over time. |
Blocked Sessions | The amount of blocked sessions over time. |
Top Blocked Ports | The number of blocked sessions grouped by server port. |
Top Blocked Clients | The number of blocked sessions grouped by client. |
Top Blocked Hostnames | The number of blocked sessions grouped by hostname. |
Top Blocked Usernames | The number of blocked sessions grouped by username. |
Scanned Session Events | All sessions scanned by Shield. |
Blocked Session Events | All sessions blocked by Shield. |
<section end='Shield' />
Firewall Reports
<section begin='Firewall' />
Report Entry | Description |
---|---|
Firewall Summary | A summary of firewall actions. |
Scanned Sessions | The amount of scanned, flagged, and blocked sessions over time. |
Top Scanned Hostnames | The number of scanned session grouped by hostname. |
Top Flagged Hostnames | The number of flagged session grouped by hostname. |
Top Blocked Hostnames | The number of blocked sessions grouped by hostname. |
Top Scanned Clients | The number of scanned session grouped by client. |
Top Flagged Clients | The number of flagged session grouped by client. |
Top Blocked Clients | The number of flagged session grouped by client. |
Top Scanned Usernames | The number of scanned session grouped by username. |
Top Flagged Usernames | The number of flagged session grouped by username. |
Top Blocked Usernames | The number of flagged session grouped by username. |
Top Scanned Server Ports | The number of scanned session grouped by server (destination) port. |
Top Flagged Server Ports | The number of flagged session grouped by server (destination) port. |
Top Blocked Server Ports | The number of flagged session grouped by server (destination) port. |
All Events | All events scanned by Firewall App. |
Flagged Events | Events flagged by Firewall App. |
Blocked Events | Events blocked by Firewall App. |
<section end='Firewall' />
OpenVPN Reports
<section begin='OpenVPN' />
Report Entry | Description |
---|---|
OpenVPN Summary | A summary of OpenVPN actions. |
OpenVPN Bandwidth Usage | The approximate amount of data transfered over openvpn connections. |
OpenVPN Events | The amount of login and logout events over time. |
OpenVPN Sessions | The amount of openvpn sessions over time. |
Top Clients (by usage) | The number of bytes transferred grouped by remote client. |
Connection Events | OpenVPN client connection events. |
Statistic Events | Shows all OpenVPN connection traffic statistics events. |
<section end='OpenVPN' />
WAN Failover Reports
<section begin='WAN Failover' />
Report Entry | Description |
---|---|
WAN Failover Summary | A summary of WAN Failover actions. |
WAN Disconnect Events | The number of disconnect events grouped by WAN. |
Outage Events | Events where the failure threshold was exceeded and the WAN was considered offline. |
Test Events | All test events and their outcome. |
Failed Test Events | All tests that resulted in failure. |
Success Test Events | All tests that resulted in success. |
<section end='WAN Failover' />