You work with web data types and filters to define the web traffic information that you want to view in a dashboard or report widget or when analyzing charts in Analytics > Web Insights.

When you add or edit a widget in a dashboard or report and select Web in the Widget Settings dialog, you select a data type to view from the Data Type menu and apply filters that you choose from the Add Filter menu.

In the Analytics > Web Insights page, you select a data type to view from the menu above the chart and apply filters that you choose from the Add Filter menu on the left pane.

NOTE: The user, department and location filters list 200 results at a time. They provide Search fields where you can type a few characters and the results narrow down to match your input until you find what you want.

Following are the web data types. Click a data type to learn more about it and its associated filters. Note that some filters and data types are available in Web Insights only. To see a full list of filters, see Web and Mobile Insights Filters.

 

Advanced Threat Super Category

Displays data about advanced threats that the service detected in your organization's web traffic. You can apply the following filters:

  • Advanced Threat Super Category: Use this filter to view data for a specific advanced threat that was detected by the service.
  • Department: Use this filter to view data for advanced threats detected in the web traffic of a specific department. It lists 200 results at a time. Use the Search function to find a specific department.
  • Location: Use this filter to limit the data to advanced threats detected in the web traffic of a specific location. Choose a location from the list of Internet gateway locations specified in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. Use the Search function to find a specific location.
  • Request Type: Use this filter to limit the data to advanced threats detected in a specific HTTP request method. Choose GET to display data for HTTP requests to retrieve data, or choose POST to display data for HTTP requests to submit data to be processed. Post requests include email that was sent though webmail and postings on a social networking site or blog.
  • User: Use this filter to limit the data to advanced threats detected in the web traffic of a specific user. It lists 200 results at a time. Use the Search function to find a specific user. This filter cannot be used in a trend chart.
  • Web Action: Use this filter to limit the data to advanced threats detected in web traffic that was either allowed or blocked by the service. Choose either Allow or Block.

Bandwidth by Department

Displays data about a department's bandwidth. You can apply the following filters:

  • Bandwidth Action: Use this filter to limit the data to throttled traffic.
  • Bandwidth Class: Use this filter to limit the data to selected bandwidth classes.
  • Bandwidth Rule: Use this filter to limit the data to specific rules in the Bandwidth Control policy.
  • Traffic Direction: Use this filter to limit the data to either inbound or outbound traffic.
  • User: Use this filter to limit the data to the bandwidth usage of a specific user.

Bandwidth by Location

Displays data about a location's bandwidth usage. You can apply the following filters:

  • Bandwidth Action: Use this filter to limit the data to throttled traffic.
  • Bandwidth Class: Use this filter to limit the data to selected bandwidth classes.
  • Bandwidth Rule: Use this filter to limit the data to the bandwidth specific rules in the Bandwidth Control policy.
  • Location: Use this filter to limit the data to a specific location.
  • Traffic Direction: Use this filter to limit the data to either inbound or outbound traffic.
  • User: Use this filter to limit the data to the bandwidth usage of a specific user.

Bandwidth by Rule

Displays bandwidth data for each rule in the Bandwidth Control policy. You can apply the following filters:

  • Bandwidth Action: Use this filter to limit the data to throttled traffic.
  • Bandwidth Rule: Use this filter to limit the data to the bandwidth specific rules in the Bandwidth Control policy.
  • Department: Use this filter to limit the data to a specific department.
  • Location: Use this filter to limit the data to a specific location.
  • Traffic Direction: Use this filter to limit the data to either inbound or outbound traffic.
  • User: Use this filter to limit the data to the bandwidth usage of a specific user.

Bandwidth Class

Displays bandwidth usage in bits-per-second (bsp) for each bandwidth class. You can apply the following filters:

  • Bandwidth Action: Use this filter to limit the data to throttled traffic.
  • Bandwidth Class: Use this filter to limit the data to selected bandwidth classes.
  • Department: Use this filter to limit the data to a specific department.
  • Location: Use this filter to limit the data to a specific location.
  • Traffic Direction: Use this filter to limit the data to either inbound or outbound traffic.
  • User: Use this filter to limit the data to the bandwidth usage of a specific user.

Bandwidth Consumption

Displays a seven-day view of your organization's bandwidth usage in a trend chart. You can drill down to a five minute view. You can apply the following filters:

  • Bandwidth Action: Use this filter to limit the data to throttled traffic.
  • Bandwidth Class: Use this filter to limit the data to selected bandwidth classes.
  • Department: Use this filter to limit the data to a specific department.
  • Bandwidth Rule: Use this filter to limit the data to the bandwidth specific rules in the Bandwidth Control policy.
  • Traffic Direction: Use this filter to limit the data to either inbound or outbound traffic.
  • User: Use this filter to limit the data to the bandwidth usage of a specific user.

Sandbox

Displays data about the Windows executable files, DLLs (dynamic link libraries) and other files that the service analyzed.

Sandbox Action

Displays data grouped according to transactions that were allowed or blocked due to the Sandbox policy.

Cloud Application

Displays web traffic data for social media applications.

  • Cloud Application: Use this filter to limit the data to a specific application. Choose an application from the list.
  • Cloud Application Class: Use this filter to limit the data to applications in a specific application class. Choose an application class from the list.
  • Department: Use this filter to limit the data to a department's web traffic. This filter lists 200 results at a time. Use the Search function to find a specific department.
  • IM Activity: Use this filter to limit the data to instant messaging applications. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Instant Messaging. From the IM Activity filter, you can choose Receive Message or Send Message to further refine the data to sent or received messages, or choose Receive File or Send File to display data for file transfers only.
  • Location: Use this filter to limit the data to a location's web traffic. Choose a location from the list of Internet gateway locations in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. Use the Search function to find a specific location.
  • Request Type: Use this filter to limit the data to either HTTP Get or Post requests. Choose GET to display data for HTTP requests to retrieve data, or choose POST to display data for HTTP requests to submit data to be processed.
  • Social Networking Activity: Use this filter to limit the data to web traffic associated with social networking sites. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Social Networking. From the Social Networking Activity filter, you can choose View to restrict the data to transactions associated with viewing networking sites, or choose Publish to restrict the data to transactions associated with posting or uploading content.
  • Streaming & File Sharing Activity: Use this filter to limit the data to the web traffic associated with streaming media and file sharing sites. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Streaming Media/File Share. From the Streaming & File Sharing Activity filter, you can choose Listen to restrict the data to transactions associated with downloading files, or choose Upload to restrict the data to transactions associated with uploading content.
  • User: Use this filter to limit the data to a user's web traffic. It lists 200 results at a time. Use the Search function to find a specific user. This filter cannot be used in a trend chart.
  • Web Action: Choose either Allow or Block to further restrict the data to either allowed or blocked traffic.
  • Webmail Activity: Use this filter to limit the data to the web traffic associated with webmail applications. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Web Mail. From the Webmail Activity filter, you can choose Send to display data about webmail that was sent, Send Attachment to display data about webmail that included attachments, or View to display data about webmail that was viewed.

Cloud Application Class

Displays web traffic data grouped by application class.

  • Cloud Application Class: Use this filter to limit the data to a specific application class. Choose an application class from the list.
  • Department: Use this filter to limit the data to a department's web traffic. This filter lists 200 results at a time. Use the Search function to find a specific department.
  • DLP Dictionary: Use this filter to limit the data to data leakage detected by the service, based on a specific DLP dictionary. Choose a dictionary from the list. The trend chart does not support applying this filter to this data type.
  • DLP Engine: Use this filter to limit the data to data leakage detected by the service, based on a specific DLP engine. Choose an engine from the list. The trend chart does not support applying this filter to this data type.
  • Location: Use this filter to limit the data to a location's web traffic. Choose a location from the list of Internet gateway locations in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. Use the Search function to find a specific location.
  • Request Type: Use this filter to limit the data to either HTTP Get or Post requests. Choose GET to display data for HTTP requests to retrieve data or choose, POST to display data for HTTP requests to submit data to be processed.
  • User: Use this filter to limit the data to a user's web traffic. It lists 200 results at a time. Use the Search function to find a specific user. This filter cannot be used in a trend chart.
  • Web Action: Choose either Allow or Block to further restrict the data to either allowed or blocked traffic.

Department

Displays data about the web traffic of each department in your organization. You can apply the filters listed below. Note that additional filters are available in Web insights only. To see a full list of filters, see Web and Mobile Insights Filters.

  • Cloud Application Class: Use this filter to limit the data to the web traffic of a Cloud Application class that you select from the list.
  • Department: Use this filter to limit the data to a specific department. It lists 200 results at a time. Use the Search function to find a specific department.
  • IM Activity: Use this filter to limit the data to the web traffic of instant messaging applications. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Instant Messaging. From the IM Activity filter, you can choose Receive Message or Send Message to further refine the data to sent or received messages, or choose Receive File or Send File to display data for file transfers only.
  • Request Type: Use this filter to limit the data to the web traffic of an HTTP request method. Choose GET to display data only for HTTP requests to retrieve data, or choose POST to display data only for HTTP requests to submit data to be processed. Post requests include email that was sent though webmail or posting on a social networking site or blog.
  • Secure Browsing Status: Use this filter to limit the data to web traffic from all installed browsers, plug-ins and applications, or only from installed browsers, plug-ins and applications that the service considers vulnerable. Choose either Installed or Vulnerable. This filter only uses Samples as its data unit.
  • Social Networking Activity: Use this filter to limit the data to web traffic associated with social networking sites. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Social Networking. From the Social Networking Activity filter, you can choose View to restrict the data to transactions associated with viewing networking sites, or choose Publish to restrict the data to transactions associated with posting or uploading content.
  • Streaming & File Sharing Activity: Use this filter to limit the data to the web traffic associated with streaming media and file share sites. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Streaming Media/File Share. From the Streaming & File Sharing Activity filter, you can choose Listen to restrict the data to transactions associated with downloading files, or choose Upload to restrict the data to transactions associated with uploading content.
  • Threat Class: Use this filter to limit the data to detected threats in a Threat Class. Choose Viruses & Spyware, Advanced Threats, or Sandbox.
  • URL Class: Use this filter to limit the data to the web traffic of a specific URL class. Choose a URL class from the list.
  • URL Super Category: Use this filter to limit the data to the web traffic of a specific URL super category. Choose a URL super category from the list.
  • Web Action: Use this filter to limit the data to web traffic that the service either allowed or blocked. Choose either Allow or Block.
  • Webmail Activity: Use this filter to limit the data to the web traffic associated with webmail applications . When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Web Mail. From the Webmail Activity filter, you can choose Send to display data about webmail that was sent, Send Attachment to display data about webmail that included attachments, or View to display data about webmail that was viewed.

DLP Dictionary

Displays data about transactions in which data leakage was detected. The data is grouped according to the DLP (Data Loss Prevention) dictionaries that were used to detect data loss. You can apply the following filters:

  • Department: Use this filter to limit the data to leakage detected in the web traffic of a specific department. This filter lists 200 results at a time. Use the Search function to find a specific department.
  • DLP Dictionary: Use this filter to limit the data to a specific DLP dictionary. Choose a dictionary from the list.
  • Location: Use this filter to limit the data to leakage detected in the web traffic of a specific location. Choose a location from the list of Internet gateway locations specified in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. Use the Search function to find a specific location.
  • User: Use this filter to limit the data to leakage detected in the web traffic of a specific user. This filter lists 200 results at a time. Use the Search function to find a specific user. This filter cannot be used in a trend chart.
  • Web Action: Use this filter to limit the data to leakage detected in web traffic that was either allowed or blocked by the service. Choose either Allow or Block.

DLP Engine

Displays data about transactions in which data leakage was detected. The data is grouped according to the DLP (Data Loss Prevention) engines that were used to detect data loss. You can apply the following filters:

  • Department: Use this filter to limit the data to leakage detected in the web traffic of a specific department. This filter lists 200 results at a time. Use the Search function to find a specific department.
  • DLP Engine: Use this filter to limit the data to a specific DLP engine. Choose a DLP engine from the list.
  • Location: Use this filter to limit the data to leakage detected in the web traffic of a specific location. Choose a location from the list of Internet gateway locations specified in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. Use the Search function to find a specific location.
  • User: Use this filter to limit the data to leakage detected in the web traffic of a specific user. It lists 200 results at a time. Use the Search function to find a specific user. This filter cannot be used in a trend chart.
  • Web Action: Use this filter to limit the data to leakage detected in web traffic that was either allowed or blocked by the service. Choose either Allow or Block.

Domain

Displays web traffic data grouped by domain. This data type is available in Web insights only. When you summarize by Domain, you can also choose Time to view the duration of time spent on each URL. To see which filters you can apply, see Web and Mobile Insights Filters.

IM Activity

Displays data about the web traffic of instant messaging applications. The trend chart does not support this data type. You can apply the following filters:

  • Cloud Application: Use this filter to limit the data to the IM activity of a specific application, such as Facebook.
  • Department: Use this filter to limit the data to the IM activity of a specific department. It lists 200 results at a time. Use the Search function to find a specific department.
  • IM Activity: Use this filter to limit the data to the web traffic of instant messaging applications. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Instant Messaging. From the IM Activity filter, you can choose Receive Message or Send Message to further refine the data to sent or received messages, or choose Receive File or Send File to display data for file transfers only.
  • Location: Use this filter to limit the data to the IM activity of a specific location. Choose a location from the list of Internet gateway locations specified in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. Use the Search function to find a specific location.
  • User: Use this filter to limit the data to the IM activity of a specific user. It lists 200 results at a time. Use the Search function to find a specific user. This filter cannot be used in a trend chart.
  • Web Action: Use this filter to limit the data to IM traffic that was either blocked or allowed. Choose either Allow or Block.

Location

Displays data about the web traffic of your organization's locations. You can apply the filters listed below. Note that additional filters are available in Web insights only. To see a full list of filters, see Web and Mobile Insights Filters.

  • Cloud Application Class: Use this filter to limit the data to the web traffic of a Cloud Application class that you select from the list.
  • IM Activity: Use this filter to limit the data to the web traffic of instant messaging applications. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Instant Messaging. From the IM Activity filter, you can choose Receive Message or Send Message to further refine the data to sent or received messages, or choose Receive File or Send File to display data for file transfers only.
  • Location: Use this filter to limit the data to a specific location. Choose a location from the list of Internet gateway locations specified in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. Use the Search function to find a specific location.
  • Request Type: Use this filter to limit the data to the web traffic of an HTTP request method. Choose GET to display data only for HTTP requests to retrieve data, or choose POST to display data only for HTTP requests to submit data to be processed. Post requests include email that was sent though webmail or posting on a social networking site or blog.
  • Secure Browsing Status: Use this filter to limit the data to web traffic from all installed browsers, plug-ins and applications, or only from installed browsers, plug-ins and applications that the service considers vulnerable. Choose either Installed or Vulnerable. This filter only uses samples as its data unit.
  • Social Networking Activity: Use this filter to limit the data to web traffic associated with social networking sites. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Social Networking. From the Social Networking Activity filter, you can choose View to restrict the data to transactions associated with viewing networking sites, or choose Publish to restrict the data to transactions associated with posting or uploading content.
  • Streaming & File Sharing Activity: Use this filter to limit the data to the web traffic associated with streaming media and file sharing sites. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Streaming Media/File Share. From the Streaming & File Sharing Activity filter, you can choose Listen to restrict the data to transactions associated with downloading files, or choose Upload to restrict the data to transactions associated with uploading content.
  • Threat Class: Use this filter to limit the data to threats that the service detected in your organization's web traffic. Select Viruses & Spyware, Advanced Threats, or Sandbox to display data about threats detected in either category.
  • URL Class: Use this filter to limit the data to the web traffic of a specific URL class. Choose a URL class from the list.
  • URL Super Category: Use this filter to limit the data to the web traffic of a specific URL super category. Choose a URL super category from the list.
  • Web Action: Use this filter to limit the data to web traffic that the service either allowed or blocked. Choose either Allow or Block.
  • Webmail Activity: Use this filter to limit the data to the web traffic associated with webmail applications. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Web Mail. From the Webmail Activity filter, you can choose Send to display data about webmail that was sent, Send Attachment to display data about webmail that included attachments, or View to display data about webmail that was viewed.

Request Type

Displays data about the web traffic of each HTTP request method. It displays data for HTTP Get requests to retrieve data and Post requests to submit data to be processed. Post requests include email that was sent though webmail or posting on a social networking site or blog. You can apply the following filters:

  • Advanced Threat Super Category: Use this filter to limit the data to a specific advanced threat type that the service detected in HTTP requests.
  • Cloud Application: Use this filter to limit the data to HTTP requests for a specific application. Choose an application from the list.
  • Cloud Application Class: Use this filter to limit the data to HTTP requests for applications in a specific application class. Choose an application from the list.
  • Department: Use this filter to limit the data to the HTTP requests of a specific department. It lists 200 results at a time. Use the Search function to find a specific department.
  • Location: Use this filter to limit the data to the HTTP requests of a specific location. Choose a location from the list of Internet gateway locations specified in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. Use the Search function to find a specific location.
  • Request Type: Use this filter to limit the data to one HTTP request method. Choose either GET or POST.
  • Threat Class: Use this filter to limit the data to HTTP requests with threats in a Threat Class. Choose Viruses & Spyware, Advanced Threats, or Sandbox.
  • User: Use this filter to limit the data to the HTTP requests of a specific user. It lists 200 results at a time. Use the Search function to find a specific user. This filter cannot be used in a trend chart.
  • Virus & Spyware Super Category: Use this filter to limit the data to HTTP requests with threats in a Virus and Spyware super category. Choose Virus, Other Malware or Spyware.
  • Virus & Spyware Category: Use this filter to limit the data to HTTP requests with a specific virus or spyware type. This filter cannot be used in a trend chart.
  • Web Action: Use this filter to limit the data to HTTP requests that the service either allowed or blocked. Choose either Allow or Block.

Secure Browsing Class

Displays web traffic data by Secure Browsing class. It only uses samples as its data unit.

  • Department: Use this filter to limit the data to a department's web traffic. It lists 200 results at a time. Use the Search function to find a specific department.
  • Location: Use this filter to limit the data to a location's web traffic. Choose a location from the list of Internet gateway locations specified in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. Use the Search function to find a specific location.
  • Secure Browsing Class: Use this filter to limit the data to web traffic associated with a specific Secure Browsing class. Choose Application, Browser, or Plug-in.
  • Secure Browsing Status: Use this filter to limit the data to web traffic from all installed browsers, plug-ins and applications, or only from installed browsers, plug-ins and applications that the service considers vulnerable. Choose either Installed or Vulnerable.
  • User: Use this filter to limit the data to a user's web traffic. It lists 200 results at a time. Use the Search function to find a specific user. This filter cannot be used in a trend chart.

Secure Browsing Status

Displays data about web traffic from all installed browsers, plug-ins and applications, and from installed browsers, plug-ins and applications that the service considers vulnerable. It only uses samples as its data unit.

  • Department: Use this filter to limit the data to a department's web traffic. It lists 200 results at a time. Use the Search function to find a specific department.
  • Location: Use this filter to limit the data to a location's web traffic. Choose a location from the list of Internet gateway locations specified in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. Use the Search function to find a specific location.
  • Secure Browsing Class: Use this filter to limit the data to web traffic associated with a specific Secure Browsing class. Choose Application, Browser, or Plug-in.
  • Secure Browsing Status: Use this filter to limit the data to web traffic from all installed browsers, plug-ins and applications, or only from installed browsers, plug-ins and applications that the service considers vulnerable. Choose either Installed or Vulnerable.
  • Secure Browsing Type: Use this filter to limit the data to web traffic associated with a specific browser, plug-in or application. This filter cannot be used in a trend chart.
  • User: Use this filter to limit the data to a user's web traffic. It lists 200 results at a time. Use the Search function to find a specific user. This filter cannot be used in a trend chart.

Secure Browsing Type

Displays data about web traffic associated with specific browsers, plug-ins and applications. It only uses samples as its data unit. This data type cannot be used with a trend chart.

  • Department: Use this filter to limit the data to a department's web traffic. This filter lists 200 results at a time. Use the Search function to find a specific department.
  • Location: Use this filter to limit the data to a location's web traffic. Choose a location from the list of Internet gateway locations specified in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. Use the Search function to find a specific location.
  • Secure Browsing Class: Use this filter to limit the data to web traffic associated with a specific Secure Browsing class. Choose Application, Browser, or Plug-in.
  • Secure Browsing Status: Use this filter to limit the data to web traffic from all installed browsers, plug-ins and applications, or only from installed browsers, plug-ins and applications that the service considers vulnerable. Choose either Installed or Vulnerable.
  • Secure Browsing Type: Use this filter to limit the data to web traffic associated with a specific browser, plug-in or application. This filter cannot be used with a trend chart.

Social Networking Activity

Displays data for web traffic associated with the access and usage of social networking sites. The trend chart does not support this data type. You can apply the following filters:

  • Cloud Application: Use this filter to limit the data to a specific application. Choose an application from the list.
  • Department: Use this filter to limit the data to the social networking activity of a specific department. This filter lists 200 results at a time. Use the Search function to find a specific department.
  • Location: Use this filter to limit the data to the social networking activity of a specific location. Choose a location from the list of Internet gateway locations specified in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. Use the Search function to find a specific department.
  • Social Networking Activity: Use this filter to limit the data to web traffic associated with social networking sites. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Social Networking. From the Social Networking Activity filter, you can choose View to restrict the data to transactions associated with viewing networking sites, or choose Publish to restrict the data to transactions associated with posting or uploading content.
  • User: Use this filter to limit the data to a user's web traffic. It lists 200 results at a time. Use the Search function to find a specific user. This filter cannot be used in a trend chart.
  • Web Action: Use this filter to limit the data to social networking activities that the service either allowed or blocked. Choose either Allow or Block.

Streaming & File Sharing Activity

Displays data about the web traffic associated with the access and usage of streaming media and file sharing sites. The trend chart does not support this data type. You can apply the following filters:

  • Cloud Application: Use this filter to limit the data to the streaming and file sharing activities of a specific application. Choose an application from the list.
  • Department: Use this filter to limit the data to the streaming and file sharing activities of a specific department. It lists 200 results at a time. Use the Search function to find a specific department.
  • Location: Use this filter to limit the data to the streaming and file sharing activities of a specific location. Choose a location from the list of Internet gateway locations specified in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. Use the Search function to find a specific location.
  • Streaming & File Sharing Activity: Use this filter to limit the data to the web traffic associated with streaming media and file sharing sites. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Streaming Media/File Share. From the Streaming & File Sharing Activity filter, you can choose Listen to restrict the data to transactions associated with downloading files, or choose Upload to restrict the data to transactions associated with uploading content.
  • User: Use this filter to limit the data to the streaming and file sharing activities of a specific user. It lists 200 results at a time. Use the Search function to find a specific user. This filter cannot be used in a trend chart.
  • Web Action: Use this filter to limit the data to streaming and file sharing activities that the service either allowed or blocked. Choose either Allow or Block.

Threat Class

Displays data about the threats that the service detected in the web traffic of your organization. You can apply the following filters:

  • Department: Use this filter to limit the data to threats detected in the web traffic of a specific department. It lists 200 results at a time. Use the Search function to find a specific department.
  • Location: Use this filter to limit the data to threats detected in the web traffic of a specific location. Choose a location from the list of Internet gateway locations specified in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. Use the Search function to find a specific location.
  • Request Type: Use this filter to limit the data to threats detected in either HTTP Get or Post requests. Choose GET to display data for HTTP requests to retrieve data, or choose POST to display data for HTTP requests to submit data to be processed. Post requests include email that was sent though webmail or posting on a social networking site or blog.
  • Threat Class: Use this filter to limit the data to a specific threat class. Choose either Viruses & Spyware, Advanced Threats, or Sandbox.
  • User: Use this filter to limit the data to threats detected in the web traffic of a specific user. It lists 200 results at a time. Use the Search function to find a specific user.This filter cannot be used in a trend chart.
  • Web Action: Use this filter to limit the data to threats detected in web traffic that was either allowed or blocked. Choose either Allow or Block.

URL Category

Displays web traffic data grouped by URL category. The trend chart does not support this data type. You can apply the following filters:

  • Department: Use this filter to limit the data to a department's web traffic. It lists 200 results at a time. Use the Search function to find a specific department.
  • Location: Use this filter to limit the data to a location's web traffic. Choose a location from the list of Internet gateway locations specified in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. Use the Search function to find a specific location.
  • URL Category: Use this filter to limit the data to a specific URL category. Choose a URL category from the list. This filter cannot be used in a trend chart.
  • URL Class: Use this filter to limit the data to a specific URL class. Choose a URL class from the list.
  • URL Super Category: Use this filter to limit the data to a specific URL super category. Choose a URL super category from the list.
  • User: Use this filter to limit the data to a specific user. It lists 200 results at a time. Use the Search function to find a specific user. This filter cannot be used in a trend chart.
  • Web Action: Use this filter to limit the data to web traffic that was either blocked or allowed. Choose either Allow or Block.

URL Class

Displays web traffic data grouped by URL class. You can apply the following filters:

  • Department: Use this filter to limit the data to a department's web traffic. It lists 200 results at a time. Use the Search function to find a specific department.
  • Location: Use this filter to limit the data to a location's web traffic. Choose a location from the list of Internet gateway locations specified in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. Use the Search function to find a specific location.
  • URL Class: Use this filter to limit the data to a specific URL class. Choose a URL class from the list.
  • User: Use this filter to limit the data to a specific user. Choose a user from the list. This filter lists 200 results at a time. Use the Search function to find a specific user. This filter cannot be used in a trend chart.
  • Web Action: Use this filter to limit the data to web traffic that was either blocked or allowed. Choose either Allow or Block.

URL Host

Displays web traffic data grouped by host. This data type is available in Web insights only. When you summarize by URL host, you can also choose Time to view the duration of time spent on each URL. To see which filters you can apply, see Web and Mobile Insights Filters.

URL Super Category

Displays web traffic data grouped by URL super category. You can apply the following filters:

  • Department: Use this filter to limit the data to a department's web traffic. This filter lists 200 results at a time. Use the Search function to find a specific department.
  • Location: Use this filter to limit the data to a location's web traffic. Choose a location from the list of Internet gateway locations specified in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. Use the Search function to find a specific location.
  • URL Class: Use this filter to limit the data to a specific URL class. Choose a URL class from the list.
  • URL Super Category: Use this filter to limit the data to a specific super category. Choose a URL super category from the list.
  • User: Use this filter to limit the data to a specific user. It lists 200 results at a time. Use the Search function to find a specific user. This filter cannot be used in a trend chart.
  • Web Action: Use this filter to limit the data to web traffic that was either blocked or allowed. Choose either Allow or Block.

Unknown User Agent

Displays web traffic associated with the unknown user-agent strings that the browser included in its GET request. The user-agent string contains browser and system information that the destination server can use to provide appropriate content. This allows you to see potential malicious activity coming from unknown use agents. This data type is available in Web insights only. To see which filters you can apply, see Web and Mobile Insights Filters.

User

Displays web traffic data organized by user. The trend chart does not support this data type. You can apply the filters listed below. Note that additional filters are available in Web insights only. To see a full list of filters, see Web and Mobile Insights Filters.

  • Cloud Application Class: Use this filter to limit the data to the web traffic of a Cloud Application class that you select from the list.
  • Department: Use this filter to limit the data to the users in a specific department. It lists 200 results at a time. Use the Search function to find a specific department.
  • IM Activity: Use this filter to limit the data to the web traffic of instant messaging applications. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Instant Messaging. From the IM Activity filter, you can choose Receive Message or Send Message to further refine the data to sent or received messages, or choose Receive File or Send File to display data for file transfers only.
  • Location: Use this filter to limit the data to the users in a specific location. Choose a location from the list of Internet gateway locations specified in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. use the Search function to find a specific location.
  • Request Type: Use this filter to limit the data to the web traffic of an HTTP request method. Choose GET to display data only for HTTP requests to retrieve data, or choose POST to display data only for HTTP requests to submit data to be processed. Post requests include email that was sent though webmail or posting on a social networking site or blog.
  • Secure Browsing Status: Use this filter to limit the data to web traffic from all installed browsers, plug-ins and applications, or only from installed browsers, plug-ins and applications that the service considers vulnerable. Choose either Installed or Vulnerable. This filter only uses samples as its data unit.
  • Social Networking Activity: Use this filter to limit the data to web traffic associated with social networking sites. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Social Networking. From the Social Networking Activity filter, you can choose View to restrict the data to transactions associated with viewing networking sites, or choose Publish to restrict the data to transactions associated with posting or uploading content.
  • Streaming & File Sharing Activity: Use this filter to limit the data to the web traffic associated with streaming media and file sharing sites. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Streaming Media/File Share. From the Streaming & File Sharing Activity filter, you can choose Listen to restrict the data to transactions associated with downloading files, or choose Upload to restrict the data to transactions associated with uploading content.
  • Threat Class: Use this filter to limit the data to threats that the service detected in your organization's web traffic. Select Viruses & Spyware, Advanced Threats, or Sandbox to display data about threats detected in either category.
  • URL Class: Use this filter to limit the data to the web traffic of a specific URL Class. Choose the URL class from the list.
  • URL Super Category: Use this filter to limit the data to the web traffic of a specific URL super category. Choose the URL super category from the list.
  • User: Use this filter to limit the data to the traffic of specific users. Choose the user names from the list. Enable Exclude Location to limit the data to only users. By default, user-related widgets include locations and users.
  • Web Action: Use this filter to limit the data to web traffic that the service either allowed or blocked. Choose either Allow or Block.
  • Webmail Activity: Use this filter to limit the data to the web traffic associated with webmail applications. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Web Mail. From the Webmail Activity filter, you can choose Send to display data about webmail that was sent, Send Attachment to display data about webmail that included attachments, or View to display data about webmail that was viewed.

Threat Category

Displays data about the detected viruses or spyware. The trend chart does not support this data type. You can apply the following filters:

  • Department: Use this filter to limit the data to viruses and spyware detected in the web traffic of a specific department. It lists 200 results at a time. Use the Search function to find a specific department.
  • Location: Use this filter to limit the data to viruses and spyware detected in the web traffic of a specific location. Choose a location from the list of Internet gateway locations specified in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a specified location. This filter lists 200 results at a time. Use the Search function to find a specific location.
  • Request Type: Use this filter to limit the data to viruses and spyware detected in HTTP Get or Post requests. Choose GET to display data for HTTP requests to retrieve data, or choose POST to display data for HTTP requests to submit data to be processed. Post requests include email that was sent though webmail or posting on a social networking site or blog.
  • User: Use this filter to limit the data to viruses and spyware detected in the web traffic of a specific user. It lists 200 results at a time. Use the Search function to find a specific user. This filter cannot be used in a trend chart.
  • Virus & Spyware Category: Use this filter to limit the data to a specific virus or spyware type that the service detected. Choose a virus or spyware type from the list. This filter cannot be used in a trend chart.
  • Virus and Spyware Super Category: Use this filter to limit the data to a specific Virus and Spyware super category. Choose Virus, Other Malware or Spyware.
  • User: Use this filter to limit the data to a specific user. It lists 200 results at a time. Use the Search function to find a specific user. This filter cannot be used in a trend chart.
  • Web Action: Use this filter to limit the data to viruses and spyware detected in web traffic that was either blocked or allowed. Choose either Allow or Block.

Threat Super Category

Displays data about the detected viruses and spyware for each Virus and Spyware super category. You can apply the following filters:

  • Department: Use this filter to limit the data to viruses and spyware detected in the web traffic of a specific department. It lists 200 results at a time. Use the Search function to find a specific department.
  • Location: Use this filter to limit the data to viruses and spyware detected in the web traffic of a specific location. Choose a location from the list of Internet gateway locations specified in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. Use the Search function to find a specific location.
  • Request Type: Use this filter to limit the data to viruses and spyware detected in HTTP Get or Post requests. Choose GET to display data for HTTP requests to retrieve data, or choose POST to display data for HTTP requests to submit data to be processed. Post requests include email that was sent though webmail or posting on a social networking site or blog.
  • User: Use this filter to limit the data to viruses and spyware detected in the web traffic of a specific user. It lists 200 results at a time. Use the Search function to find a specific user. This filter cannot be used in a trend chart.
  • Virus and Spyware Super Category: Use this filter to limit the data to a specific Virus and Spyware super category. Choose Virus, Other Malware or Spyware.
  • Web Action: Use this filter to limit the data to viruses and spyware detected in web traffic that was either blocked or allowed. Choose either Allow or Block.

Web Action

Displays web traffic data grouped according to transactions that were allowed or blocked. You can apply the following filters:

  • Advanced Threat Super Category: Use this filter to limit the data to a specific advanced threat type that was detected.
  • Cloud Application: Use this filter to limit the data to a specific application, such as Facebook. Choose an application from the list.
  • Cloud Application Class: Use this filter to limit the data to the web traffic of a Cloud Application class that you select from the list.
  • Department: Use this filter to limit the data to a department's web traffic. It lists 200 results at a time. Use the Search function to find a specific department.
  • DLP Dictionary: Use this filter to limit the data to data leakage detected by the service, based on a specific DLP dictionary. Choose a dictionary from the list.
  • DLP Engine: Use this filter to limit the data to data leakage detected by the service, based on a specific DLP engine. Choose an engine from the list.
  • IM Activity: Use this filter to limit the data to the web traffic of instant messaging applications. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Instant Messaging. From the IM Activity filter, you can choose Receive Message or Send Message to further refine the data to sent or received messages, or choose Receive File or Send File to display data for file transfers only.
  • Location: Use this filter to limit the data to a location's web traffic. Choose a location from the list of Internet gateway locations specified in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. Use the Search function to find a specific location.
  • Request Type: Use this filter to limit the data to the web traffic of an HTTP request method. Choose GET to display data for HTTP requests to retrieve data, or choose POST to display data for HTTP requests to submit data to be processed. Post requests include email that was sent though webmail or posting on a social networking site or blog.
  • Social Networking Activity: Use this filter to limit the data to web traffic associated with social networking sites. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Social Networking. From the Social Networking Activity filter, you can choose View to restrict the data to transactions associated with viewing networking sites, or choose Publish to restrict the data to transactions associated with posting or uploading content.
  • Streaming and File Sharing Activity: Use this filter to limit the data to the web traffic associated with streaming media and file sharing sites. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Streaming Media/File Share. From the Streaming & File Sharing Activity filter, you can choose Listen to restrict the data to transactions associated with downloading files, or choose Upload to restrict the data to transactions associated with uploading content.
  • Threat Class: Use this filter to limit the data to threats that the service detected in your organization's traffic. Choose Viruses & Spyware, Advanced Threats, or Sandbox to display data about threats detected in either category.
  • URL Category: Use this filter to limit the data to the web traffic of a specific URL category. Choose a URL category from the list. This filter cannot be used in a trend chart.
  • URL Class: Use this filter to limit the data to the web traffic of a specific URL class. Choose a URL class from the list.
  • URL Super Category: Use this filter to limit the data to the web traffic of a specific URL super category. Choose a URL super category from the list.
  • User: Use this filter to limit the data to a user's web traffic. It lists 200 results at a time. Use the Search function to find a specific user. This filter cannot be used in a trend chart.
  • Virus & Spyware Category: Use this filter to limit the data to a specific virus and spyware type that the service detected. Choose a virus type from the list. This filter cannot be used in a trend chart.
  • Virus and Spyware Super Category: Use this filter to limit the data to a specific Virus and Spyware super category. Choose Virus, Other Malware or Spyware.
  • Web Action: Choose either Allow or Block to further restrict the data to either allowed or blocked traffic.
  • Webmail Activity: Use this filter to limit the data to the web traffic associated with webmail applications. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Web Mail. From the Webmail Activity filter, you can choose Send to display data about webmail that was sent, Send Attachment to display data about webmail that included attachments, or View to display data about webmail that was viewed.

Webmail Activity

Displays data about webmail traffic. The trend chart does not support this data type.

  • Cloud Application: Use this filter to limit the data to a specific application. Choose an application from the list.
  • Department: Use this filter to limit the data to a department's webmail traffic. It lists 200 results at a time. Use the Search function to find a specific department.
  • Location: Use this filter to limit the data to a location's webmail traffic. Choose a location from the list of Internet gateway locations specified in the Locations page. The list includes Road Warrior, the default location for transactions that did not originate from a predefined location. This filter lists 200 results at a time. Use the Search function to find a specific location.
  • User: Use this filter to limit the data to a user's webmail traffic. It lists 200 results at a time. Use the Search function to find a specific user. This filter cannot be used in a trend chart.
  • Web Action: Choose either Allow or Block to further restrict the data to either allowed or blocked traffic.
  • Webmail Activity: Use this filter to limit the data to the web traffic associated with webmail applications. When you select this filter, the dialog automatically adds the Cloud Application Class filter set to Web Mail. From the Webmail Activity filter, you can choose Send to display data about webmail that was sent, Send Attachment to display data about webmail that included attachments, or View to display data about webmail that was viewed.