The Activity Volume Report provides an overall summary of traffic by security categories and policies affected by content categories and destination lists. You can view traffic allowed and blocked across these fields as well as the percentage of this traffic for each field and determine which activities may be a potential risk in the organization.
- View Requests by Volume of Activity
- View Activity Volume by Security Categories
- View Activity Volume by Policy Traffic
- View Trends
- A minimum of Read Only access to the Umbrella dashboard. See Manage User Roles.
- Navigate to Reporting > Additional Reports > Activity Volume.
You are presented with a chart that depicts categorized requests over time.
- Choose a time frame to view the activity volume.
The Activity Volume Report can be filtered by the last 24 hours, the previous calendar day (yesterday), the last 7 days, last 30 days, or a custom range within the last 30 days.
- Choose the traffic type to display in the request activity chart.
You can filter the report results by DNS only, Web only, or the default, All.
- If necessary, filter by a specific identity using the search tool.
The Activity Volume Report consists of three main fields of activity (Security, Categories, and Destination Lists), the total Permitted requests, and the Total requests of all traffic. Each field displays the number of requests Allowed, Blocked, the total number of requests, and the percentage of all requests that that field represents. Clicking any hyper-linked data in the chart redirects you to the Top Identities Report filtered by the category and the response (Allowed, Blocked, All).
Note: Allowed Categories do not display any results.
The Security field contains three sub-fields of traffic data relating to potential security risks: Prevent, Contain, and Integrations. For more information about security categories, see DNS Security Categories and Web Security Categories.
The Prevent security section lists the security categories utilized to prevent threats and risks in your environment. The chart provides the number of Allowed, Blocked, Total Requests, and the percentage of Total Requests for each category. The data here provides an insight as to which categories receive the most requests which can determine if policies need to be updated or configured differently.
The Contain section lists two security categories in which threats are contained and prevented from spreading in your environment. The chart provides the number of Allowed, Blocked, Total Requests, and the percentage of Total Requests for each category.
The Integrations sub-field only appears in organizations with at least one integration license.
The Integrations section provides an overview of traffic through various licensed third-party security integrations. The chart provides the number of Allowed, Blocked, Total Requests, and the percentage of Total Requests for each integration. For more information about integrations, see Third-party Security Integrations.
The Categories and Destination Lists fields provide an insight into traffic where requests were allowed or blocked due to policies configured with content categories and destination lists. The chart provides the number of Allowed, Blocked, Total Requests, and the percentage of Total Requests for each field. This information shows what types of policies are receiving the most traffic and may need more efficient management.
Click the View Trend Over Time button to be redirected to the Total Requests Report for an enhanced visualization of traffic trends over a given period of time.
Updated about 20 hours ago