Get Started with Reports

Use Cisco Umbrella's reports to monitor your Umbrella integration and to better understand your Umbrella usage. Gain insights into request activity and blocked activity, determining which of your identities are generating blocked requests. Reports help build actionable intelligence in addressing security threats including changes in usage trends over time.

Available Reports

• Security Activity—Security-related activity in your environment, including malware, phishing, and all other security categories over the selected time period. Filterable by identity, destination, source IP, and security category.
• Activity Search—Activity from the identities in your environment over a selected time period. Filterable by identity name, destination, source IP, response, content category, and security category.
• App Discovery—Information about the cloud apps in use in your environment.
• Top Threats Report—Highlights blocked and allowed threats your organization may have been exposed to over a selected period of time.
• Total Requests—Total requests for destinations from your organization over the selected time period. Filterable by identity.
• Activity Volume—Total queries within your organization broken down by security categories and results over the selected time period.
• Top Destinations—A list of the top traffic-generating identities over the selected time period. Filterable by identity and destination.
• Top Categories—A list of the top content categories for your organization over the selected time period. Filterable by identity and response.
• Top Identities—Lists your identities in the order of which is most active, then allowing you to drill down to find out more about that specific identity and what destinations they have visited, whether those destinations are malicious or not, and a trend of their overall traffic.
• Admin Audit Log—A record of any configuration changes made to your settings by any of your Umbrella administrators.

Get Started with Reports > Export Report Data to CSV