The Security Activity report highlights security events generated by your organization's identities visiting destinations flagged—but not necessarily blocked—by Umbrella security researchers as a threat. This includes security events filtered through the Intelligent Proxy and File Inspection.
Activities captured by this report might include attempts to access sites hosting malware or phishing sites, botnet activity on infected machines on your local network, and attempts to download malicious files. To find out about each of the individual activities and categories you can report on, see Manage Security Settings.
Security Events in Umbrella Packages
Not all features described here are available to all Umbrella packages. For example, Cisco AMP and Antivirus events are not available to all packages. To determine your current package, navigate to Admin > Licensing. For more information, see Determine Your Current Package. See also, Cisco Umbrella Packages.
File Retrospective Events and Cisco Secure Malware Analytics (Threat Grid) < Security Activity Report > View Activity and Details by Filters
Updated about 20 hours ago