The Umbrella Documentation Hub

Welcome to the Umbrella documentation hub. Here you'll find access to all of our Cisco Umbrella user guides.

Get Started    

Activity Volume Report

The Activity Volume Report provides an overall summary of traffic by security categories and policies affected by content categories and Destination Lists. You can view traffic allowed and blocked across these fields as well as the percentage of this traffic for each field and determine which activities may be a potential risk in the organization.

View Requests by Volume of Activity

  1. Navigate to Reporting > Additional Reports > Activity Volume.
    You are presented with a chart that depicts categorized requests over time.
  1. Choose a time frame to view the activity volume.
    The Activity Volume Report can be filtered by the Last 24 hours, Yesterday, Last 7 Days, last 30 Days, or a custom range within the last 30 days..
  1. If necessary, filter by a specific identity using the search tool.

The Activity Volume Report consists of three main fields of activity (Security, Categories, and Destination Lists), the total Permitted requests, and the Total requests of all traffic. Each field displays the number of requests Allowed, Blocked, the total number of requests, and the percentage of all requests that that field represents. Clicking any hyper-linked data in the chart redirects you to the Top Identities Report filtered by the category and the response (Allowed, Blocked, All).

View Activity Volume by Security Categories

The Security field contains three sub-fields of traffic data relating to potential security risks: Prevent, Contain, and Integrations. For more information about security categories, see DNS Security Category Definitions.

Prevent

The Prevent security section lists the security categories utilized to prevent threats and risks in your environment. The chart provides the number of Allowed, Blocked, Total Requests, and the percentage of Total Requests for each category. The data here provides an insight as to which categories receive the most requests which can determine if policies need to be updated or configured differently.

Contain

The Contain section lists two security categories in which threats are contained and prevented from spreading in your environment. The chart provides the number of Allowed, Blocked, Total Requests, and the percentage of Total Requests for each category.

Integrations

The Integrations sub-field only appears in organizations with at least one integration license.

Integrations

The Integrations section provides an overview of traffic through various licensed third-party security integrations. The chart provides the number of Allowed, Blocked, Total Requests, and the percentage of Total Requests for each integration. For more information about integrations, see the integrations sections of Manage DNS Security Settings.

View Activity Volume by Policy Traffic

The Categories and Destination Lists fields provide an insight into traffic where requests were allowed or blocked due to policies configured with content categories and destination lists. The chart provides the number of Allowed, Blocked, Total Requests, and the percentage of Total Requests for each field. This information shows what types of policies are receiving the most traffic and may need more efficient management.

View Trends

Click the View Trend Over Time button to be redirected to the Total Requests Report for an enhanced visualization of traffic trends over a given period of time.


Total Requests Report < Activity Volume Report > Top Destinations Report

Updated 3 months ago

Activity Volume Report


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.