Strata Cloud Manager
Report Templates: User Activity
Table of Contents
Report Templates: User Activity
This report gives you visibility into individual users’ browsing patterns.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
|
|
Get visibility into an individual users’ browsing patterns: their most frequently
visited sites, the sites with which they’re transferring data, and attempts to
access high-risk sites.
The data here is based on what’s reported in your URL Filtering logs. This report
also depends on the Cloud Identity Engine (formely Directory Sync)—the Cloud
Identity Engine gives you read-only access to your Active Directory information, so
you can filter this report based on user. If you haven’t yet set up the Cloud
Identity Engine, here’s how. Or, if you already have it set
up, here’s how to integrate the Cloud Identity
Engine with your app.
Monitoring the user activity helps to detect and stop potential threats, protect
sensitive information being misused, and adjust your security policy rule to close security
gaps. The report includes the following data.
| Browsing Summary Requires
Advanced URL Filtering license. | See the numbers for the types of sites with which the user had the most data transfer and number of site visits by the user. |
| Top 10 Most Visited URL CategoriesRequires Advanced URL Filtering license. | View the top URL categories for the user based on data transfer. You can also see the number of unique URLs visited that fall into each URL category. |
| Web Browsing Risk Summary Requires Advanced URL Filtering license. |
Out of the unique URLs visited by the user, watch out for
visits to malicious and high-risk URLs — these sites can
expose your network to threats, data loss, and compliance
violations. If you see more visits to these sites than you’d
expect, adjust your security policy
rule to close the gaps.
|
| Most Visited Sites Requires
Advanced URL Filtering license. | Review the risk level for the most frequently visited sites by the user. High risk URLs need to be monitored as they are likely to expose your network to threats. |
| Blocked URLs with the Most Attempted Visits Requires Advanced URL Filtering
license. | These are the blocked URLs that the user most frequently attempted to access. Review URL filtering logs and see if you need to adjust the security policy rule to change the action. |
| Severe Threats Requires
Advanced Threat Prevention license. | View the total threats detected for the user and the numbers based on the severity of the threats. Compare with the number with other users. Adjust the security policy rule if the numbers are unusually high. |
| Top Severe Threats Requires
Advanced Threat Prevention license | These are the threats most frequently detected for the user. Learn more. |
- To download, share, or schedule a report, select and select any of these icons.
![]()
If you’re scheduling a report, you’ll need to continue to define the report parameters including:- the Time Interval for which to gather data
- the Schedule Parameters, which is the frequency at which you’d like the report to be delivered (daily, weekly, or monthly).
Select the Scheduled Reports tab to view, edit, or delete the reports that have been scheduled to generate.You can choose to delete a scheduled report or edit the schedule.Select the History tab to view the list of reports generated in the past 30 days.
