Summary of Proxy activity

The Proxy Summary activity report shows data about the transactions that were analyzed and handled by Enterprise Threat Protector (ETP) Proxy.
Note: You must be an ETP administrator or a user with a specific permission to view the Proxy Summary report. For more information, see Enterprise Threat Protector roles.
The total number of transactions and the top data values for a dimension are listed. You can report on the following:
  • Top Locations. Indicates the top locations where requests originate from.
  • Top Domain. Shows the top domains that users requested.
  • Top Layer 7 Protocol. Shows how many requests use the HTTP or HTTPS protocols.
  • Top Action. Shows the top policy actions that were applied to traffic.
  • Top Autonomous System Name. Shows the top autonomous system names for responses.
  • Top Source IP. Shows the source IP address where the request originated from.
  • Top Client Port. Shows the top source ports where the request originated from.
  • Top Geo. Shows the top geographical regions where responses originate from.
  • Top Destination IP. Shows the top destination IP addresses for requests that were forwarded to the proxy.
  • Top Destination Port. Shows the top destination ports for requests that were forwarded to the proxy.
  • Top HTTP Request Method. Shows the top HTTP verbs or action that are requested.
  • Top URI. Shows the top Uniform Resource Identifier (URI) or URLs analyzed by the proxy.
  • Top Application. Shows the top web applications that are scanned by the proxy.
  • Top Client Request ID. Shows the top universally unique identifiers (UUIDs) of ETP Client that’s installed on devices.
  • Top Client Device Name. Shows the top device names where ETP Client is installed.
  • Top Onramp Type. Shows the top methods used to forward a request to ETP Proxy.
  • Top Operation. Shows the top web application operations.
  • Top Risk. Shows the top risk levels for a website or web application.
  • Top User ID. Shows the top user IDs that are used to authenticate and gain access to a website or web application.
  • Top User Name. Show the top usernames that are used to authenticate and gain access to a website or web application.
  • Top Sub-Location. Shows the top sub-locations where requests originate from.

By default, the Proxy Summary tab reports on the top values for locations, domains, Layer 7 Protocol, and the top policy actions. If you are a delegated administrator or tenant administrator, the data that appears on this tab is based on the locations you created and are allowed to access.

When viewing graphs, you can hover over parts of them to view total numbers.

Depending on the information, you can also select different views of the data:
  • For the Total Transactions, you can show data in a line or bar graph.
  • For the specific dimensions, you can show data in a bar graph, pie chart, or table. You can also download all data into separate spreadsheets. While the Proxy tab provides a graphical view of this data, you can download the spreadsheet to view a complete list of data in each of these areas. For more information see Create a PDF of data on the Proxy Summary tab.

The Proxy Summary activity report also includes an icon where you can produce a PDF of the page. The PDF shows an image of the report from the point in time when you selected to produce the PDF. For example, the applied filters and graphs are captured in the PDF.