Proxy activity dimensions
Note: You must be an ETP super
administrator or a user with a specific permission to view the Proxy Activity
report. For more information, see Enterprise Threat Protector roles.
Dimension | Description |
---|---|
Domain | Domain requested by the user. |
Location | Indicates the ETP location where the transaction originated from. |
Action | Policy action that was applied. |
Internal Client IP | Internal IP address of the user’s machine. |
User Name | Username of the user who made the request. |
Destination IP | IP address of the destination (origin) website. |
Destination Port | TCP or UDP port number of traffic such as port 80 for HTTP traffic and port 443 for HTTPS traffic. |
Source IP | IP address of traffic. This is likely the IP address that is assigned to a location as a result of Network Address Translation (NAT). |
Client Port | Port of ETP Client. |
Geo | Geographical location where responses originate from. |
Autonomous System | A unique identifier for a network. |
HTTP Request Method | The action that’s performed during a request. |
Reason | Indicates why traffic was directed to ETP Proxy. For example, it may indicate that traffic was directed for ETP Proxy as a result of Akamai intelligence (threat lists), Acceptable Use Policy (AUP), or as a result of customer intelligence (custom lists created by administrators). |
Onramp Type | Indicates how activity was directed to ETP Proxy. One of these values may appear:
|
Client Request ID | Universally unique identifier (UUID) of ETP Client that’s installed on the machine. |
Machine Name | Name of the user’s machine. |
Groups | User group that’s assigned to the user who made the request. |
Matched Groups | Indicates the users in groups appear in multiple groups. |
User ID | ID of the user who made the request. |
Internal Client Name | Internal client name of machine that’s detected by DNS Forwarder. |
Dictionaries | The specific dictionary that’s used to scan uploaded content for data loss prevention (DLP). |
Patterns | The pattern in a dictionary that’s used to scan uploaded content for DLP. |
File Hash | The hash of the uploaded file that’s scanned by DLP. |
Application | If your organization is participating in the application visibility and control (AVC) beta, this dimension shows the specific web application that is associated with the activity. |
Operation | If your organization is participating in the application visibility and control (AVC) beta, this dimension shows the specific application operation that is associated with the activity. |
Risk | If your organization is participating in the application visibility and control (AVC) beta, this dimension shows the risk level that is associated with the activity. |