Strata Cloud Manager
Dashboard: User Activity
Table of Contents
Dashboard: User Activity
This dashboard gives you visibility into individual users’ browsing patterns.
Where Can I Use
This? | What Do I Need? |
|---|---|
|
|
- Click to get started.
What does this dashboard show you?
The dashboard shows the aggregated data per Cortex Data Lake tenant.
Get visibility into an individual users’ browsing patterns: their most frequently
visited sites, the sites with which they’re transferring data, and attempts to
access high-risk sites.
The data here is based on what’s reported in your URL Filtering logs. This report
also depends on the Cloud Identity Engine (formely Directory Sync)—the Cloud
Identity Engine gives you read-only access to your Active Directory information,
so you can filter this report based on user. If you haven’t yet set up the Cloud
Identity Engine, here’s how. Or, if you already have it
set up, here’s how to integrate the Cloud
Identity Engine with your app.
This dashboard supports reports. These icons,
in the top right of a dashboard indicate that
reports are supported for this dashboard. You can share, download, and schedule
reports that cover the data this dashboard displays.
in the top right of a dashboard indicate that
reports are supported for this dashboard. You can share, download, and schedule
reports that cover the data this dashboard displays. How can you use the data from dashboard?
Monitoring the user activity helps to detect and stop potential threats, protect
sensitive information being misused, and adjust your security policy rule to close security
gaps.
Browsing Summary Requires
Advanced URL Filtering license. | See the numbers for the types of sites with which the user
had the most data transfer and number of site visits by the
user. |
Top 10 Most Visited URL Categories Requires Advanced
URL Filtering license. | View the top URL categories for the
user based on data transfer. You can also see the number of
unique URLs visited that fall into each URL category. |
Web Browsing Risk Summary Requires Advanced URL Filtering license. | Out of the unique URLs visited by the user, watch out for
visits to malicious and high-risk URLs — these sites can
expose your network to threats, data loss, and compliance
violations. If you see more visits to these sites than you’d
expect, adjust your security policy
rule to close the gaps. |
Most Visited Sites Requires
Advanced URL Filtering license. | Review the risk level for the most frequently visited sites
by the user. High risk URLs need to be monitored as they are
likely to expose your network to threats. |
Blocked URLs with the Most Attempted Visits Requires Advanced URL Filtering
license. | These are the blocked URLs that the user most frequently
attempted to access. Review URL filtering logs and see if you
need to adjust the security policy rule
to change the action. |
Severe Threats Requires
Advanced Threat Prevention license. | View the total threats detected for the user and the numbers
based on the severity of the threats. Compare with the number
with other users. Adjust the security policy rule
if the numbers are unusually high. |
Top Severe Threats Requires
Advanced Threat Prevention license | These are the threats most frequently detected for the user.
Learn more. |