Guide
TrainingSupportCommunity

Summary of Proxy activity

Suggest Edits

The Proxy Summary activity report shows data about the transactions that were analyzed and handled by ​SIA​ Proxy.

📘

You need to be an ​SIA​ administrator or a user with a specific permission to perform the procedures in this section and view the Proxy Summary report. For more information, see Roles.

The total number of transactions and the top data values for a dimension are listed. You can report on the following:

  • Top Locations. Indicates the top locations where requests originate from.

  • Top Domain. Shows the top domains that users requested.

  • Top Layer 7 Protocol. Shows how many requests use the HTTP or HTTPS protocols.

  • Top Action. Shows the top policy actions that were applied to traffic.

  • Top Autonomous System Name. Shows the top autonomous system names for responses.

  • Top Source IP. Shows the source IP address where the request originated from.

  • Top Client Port. Shows the top source ports where the request originated from.

  • Top Geo. Shows the top geographical regions where responses originate from.

  • Top Destination IP. Shows the top destination IP addresses for requests that were forwarded to the proxy.

  • Top Destination Port. Shows the top destination ports for requests that were forwarded to the proxy.

  • Top HTTP Request Method. Shows the top HTTP verbs or action that are requested.

  • Top URI. Shows the top Uniform Resource Identifier (URI) or URLs analyzed by the proxy.

  • Top Application. Shows the top web applications that are scanned by the proxy.

  • Top Client Request ID. Shows the top UUIDs of ​ETP Client​ that's installed on devices.

  • Top Client Device Name. Shows the top device names where ​ETP Client​ is installed.

  • Top Onramp Type. Shows the top methods used to forward a request to ​SIA​ Proxy.

  • Top Operation. Shows the top web application operations.

  • Top Risk. Shows the top risk levels for a website or web application.

  • Top User ID. Shows the top user IDs that are used to authenticate and gain access to a website or web application.

  • Top User Name. Show the top usernames that are used to authenticate and gain access to a website or web application.

  • Top Sub-Location. Shows the top sub-locations where requests originate from.

By default, the Proxy Summary tab reports on the top values for locations, domains, Layer 7 Protocol, and the top policy actions. If you are a delegated administrator or strict delegated administrator, the data that appears on this tab is based on the locations you created and are allowed to access.

When viewing graphs, you can hover over parts of them to view total numbers.

Depending on the information, you can also select different views of the data:

  • For the Total Transactions, you can show data in a line or bar graph.

  • For the specific dimensions, you can show data in a bar graph, pie chart, or table. You can also download all data into separate spreadsheets. While the Proxy tab provides a graphical view of this data, you can download the spreadsheet to view a complete list of data in each of these areas. For more information see Create a PDF of data on the Proxy Summary tab.

The Proxy Summary activity report also includes an icon where you can produce a PDF of the page. The PDF shows an image of the report from the point in time when you selected to produce the PDF. For example, the applied filters and graphs are captured in the PDF.

Change the data type in the total proxy activity graph

By default, the Proxy Summary tab reports on all transactions completed by the ​SIA​ proxy. However, you can change the data that is reported in the Total Traffic graph. You can report on these specific criteria:

  • Action
  • Application
  • Autonomous System Name
  • Client Port
  • Client Request ID
  • Destination IP
  • Destination Port
  • Device Name
  • Domain
  • Geo
  • HTTP Request Method
  • Layer 7 Protocol
  • Location
  • Onramp Type
  • Operation
  • Risk
  • Source IP
  • URI
  • User ID
  • Username
  • Sub-Location

📘

You need to be an ​SIA​ administrator or a user with a specific permission to view the Proxy Summary report. For more information, see Roles.

To change the data type in the total proxy activity graph:

  1. In the Threat Protection menu of Enterprise Center, select Reports > Proxy Summary.

  2. Filter activity by date and time. For more information see Filter data based on date and time.

  3. For the Total graph, in the menu, select the data type that you want to view.

Change the data view

In the DNS and Proxy Summary activity reports, you can change the view or graph type of data. In the DNS Summary report, the total queries are reported, while in the Proxy Summary report, the total ​SIA​ Proxy transactions are reported. You can choose between a line graph or bar chart. For the other graphs on the page, you can choose to show data in a table, pie chart, or bar graph.

📘

You need to be an ​SIA​ administrator or a user with a specific permission to view the Proxy Summary report. For more information, see Roles.

To change the data view:

  1. In the Threat Protection menu of Enterprise Center, select Reports > DNS Summary or Reports > Proxy Summary.

  2. Hover over the graph and select one of the graphs or chart type icons that appear.

Filter summary of proxy activity by criteria

You can filter data on the Proxy Summary tab by specific criteria.

📘

You need to be an ​SIA​ administrator or a user with a specific permission to view the Proxy Summary report. For more information, see Roles.

To filter summary of proxy activity by criteria:

  1. In the Threat Protection menu of Enterprise Center, select Reports > Proxy Summary.

  2. To filter data by date and time, see Filter data based on date and time.

  3. At the top of the page, click the filter icon.

  4. Click Add filter dimension or the plus sign icon.

  5. In the menu, select a criterion. Depending on the criterion you select, you can select or enter a value in the provided field. For example, if you select HTTP Request Method, a menu where you select a request method appears. You can select or provide multiple values.

  6. Select whether the filter excludes or includes data based on your criteria, and click Add to Filter.

  7. If you want to add more criteria to your filter, click the plus icon and complete steps 5 and 6.

  8. To view the report with filtered data, click View Report.

Download a spreadsheet

The Proxy Summary report shows the top data values for selected criteria.

Depending on the data you choose to view, you can download a comprehensive list of records in separate spreadsheets.

The data that is included in a spreadsheet is based on the filters you apply. Each spreadsheet can list a maximum of 5,000 records.

📘

You need to be an ​SIA​ administrator or a user with a specific permission to view the Proxy Summary report. For more information, see Roles.

To download a spreadsheet:

  1. In the Threat Protection menu of Enterprise Center, select Reports > Proxy Summary.

  2. To filter proxy activity data by date and time, see Filter data based on date and time.

  3. To filter proxy activity data by criteria, see Filter summary of proxy activity by criteria.

  4. To download a spreadsheet of specific proxy activity data:

    1. Go to one of the one of the top data graphs

    2. If a graph you need is not visible on the page, select the menu icon associated with one of the Top graphs and select the data type you need.

    3. Click the download icon that is located at the top right of the section. If prompted by your browser, save the file to an accessible location on your computer. Otherwise, you can find the file wherever your browser saves downloaded files.

    4. Repeat steps 4a and 4c for the other spreadsheets that you want to download.

Create a PDF of data on the Proxy Summary tab

You can create a PDF that captures data and graphs on the Proxy Summary tab. The PDF contains an image of the page.

📘

You need to be an ​SIA​ administrator or a user with a specific permission to view the Proxy Summary report. For more information, see Roles.

To create a PDF of data on the Proxy Summary tab:

  1. In the Threat Protection menu of Enterprise Center, select Reports > Proxy Summary.

  2. Apply the filters and select the graphical views you need for data on the page.

  3. Click the PDF icon. A PDF with an image of the page is generated. If prompted by your browser to save the PDF, save the file to an accessible location on your computer. Otherwise, you can find the file wherever your browser saves downloaded files.

Updated about 2 years ago