Guide
TrainingSupportCommunity

Activity

Suggest Edits

You can report on these activities:

  • DNS Activity. The DNS Summary report provides data on DNS activity in your network. This includes the total number of DNS queries and the top data values for the following categories: autonomous system name, domain, geolocation, query, source IP, and AUP category.

    The DNS Activity report shows data on DNS traffic that's directed to ​SIA​ or ​SIA​ Proxy. To show specific DNS activity, you filter data by dimension. For example, you can filter data based on domain, source IP, policy, and more.

  • Proxy Activity. If ​SIA​ Proxy is enabled in your network, data is presented on the Proxy Summary and Proxy Activity reports. The Proxy Summary report includes the total number of proxy transactions and the top transactions for the following categories: policy action, autonomous system name, client port, destination IP, destination port, domain, geolocation, HTTP request method, Layer 7 Protocol, source IP, and URI.

    The Proxy Activity report shows the traffic that's directed to ​SIA​ Proxy. To show specific proxy traffic, you can apply filters based on dimensions. For example, you can report the requested domain, internal IP address of the user's machine, the username of the user who made the request, the action that was applied to traffic, and more.

  • Network Traffic. The Network Traffic report shows detailed information about network traffic or connections that are directed to ​SIA​. Similar to the data that is shown in the events reports, you can organize this data by the dimension you select. You can also view specific data about the connection, including how the connection was handled by ​SIA​.

  • Security Connector. The Security Connector Activity report provides data on Security Connector events. Like the Threat Events and Access Control reports, data is organized by dimension. You can view logged events based on the dimension you select.

  • Identity Provider Activity. The Identity Provider Activity report provides data on IdP sessions. If authentication is required or optional within a policy and you assign users or groups to an AUP, you can report on IdP activity.

  • IPsec Tunnel Activity. The IPsec Tunnel Activity report provides data on traffic that uses IPsec tunnels to direct traffic from a branch to ​SIA​ Proxy.

Updated over 2 years ago